Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).
No change to BUILD_DEPENDS as used correctly inside buildlink3.
As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
Highlights:
The shell
Improvements of maps
Improvements of the lists module
No need to enable feature maybe in the runtime system
Improvements in the Erlang compiler and JIT
Incremental mode for Dialyzer
argparse: A command line parser for Erlang
SSL: Safer defaults
SSL: Improved checking of options
See https://www.erlang.org/blog/otp-26-highlights/
and https://www.erlang.org/news/164
Support for fully asynchronous distributed signaling where send
operations never block. This functionality is by default disabled
and can be enabled per process. For more information see the
documentation of process_flag(async_dist, Bool).
Potential incompatibilities:
- The inet:setopts/2 {reuseaddr, true} option will now be ignored on
Windows unless the socket is an UDP socket. For more information see
the documentation of the reuseaddr option part of the documentation of
inet:setopts/2. Prior to OTP 25 the {reuseaddr, true} option was
ignored for all sockets on Windows, but as of OTP 25.0 this was
changed so that it was not ignored for any sockets.
It may make more sense to break this out into a separate file, as is
done for other options, but there's helper code present to regenerate
into the base PLIST itself, so I'm simply restoring to there for now.
This update fixes chat/ejabberd building.
upstream changes:
-----------------
Patch Package: OTP 23.3.4
Git Tag: OTP-23.3.4
Date: 2021-05-10
Trouble Report Id: OTP-17366, OTP-17379, OTP-17386
Seq num: ERIERL-650, GH-4775
System: OTP
Release: 23
Application: compiler-7.6.9, diameter-2.2.4, erts-11.2.2
Predecessor: OTP 23.3.3
Check out the git tag OTP-23.3.4, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- compiler-7.6.9 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.6.9 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17386 Application(s): compiler
Related Id(s): ERIERL-650, OTP-17357
Reverted the fix for OTP-17357 as it turned out to be
incomplete and made the validator reject much more
legal code than before.
It will be fixed more thoroughly in a later patch.
Full runtime dependencies of compiler-7.6.9: crypto-3.6, erts-11.0,
hipe-3.12, kernel-7.0, stdlib-3.13
---------------------------------------------------------------------
--- diameter-2.2.4 --------------------------------------------------
---------------------------------------------------------------------
The diameter-2.2.4 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17366 Application(s): diameter
Related Id(s): GH-4775
The unordered option was ignored on a client
diameter_sctp transport, causing all delivery to be
ordered.
The association id was not specified to gen_sctp when
requesting unordered delivery, causing the setting to
be applied to the whole endpoint.
Thanks to Bengt Kleberg and Andreas Schultz.
Full runtime dependencies of diameter-2.2.4: erts-10.0, kernel-3.2,
ssl-9.0, stdlib-2.4
---------------------------------------------------------------------
--- erts-11.2.2 -----------------------------------------------------
---------------------------------------------------------------------
The erts-11.2.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17379 Application(s): erts
Related Id(s): PR-4804
Fix bug in match spec compilator seen to cause a stack
overflow crash on debug VM for certain match specs.
Could potentially cause problems for standard VM, but
has not been verified. Match specs are used by
ets:match/select functions and erlang:trace_pattern.
Full runtime dependencies of erts-11.2.2: kernel-7.0, sasl-3.3,
stdlib-3.13
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
upstream changes:
-----------------
Patch Package: OTP 23.3.3
Git Tag: OTP-23.3.3
Date: 2021-05-06
Trouble Report Id: OTP-16607, OTP-16930, OTP-17347, OTP-17357,
OTP-17358, OTP-17361
Seq num: ERL-1371, ERL-1439, ERL-ERL-610, GH-3480,
GH-4396, GH-4774
System: OTP
Release: 23
Application: common_test-1.20.2, compiler-7.6.8,
erl_interface-4.0.3, kernel-7.3.1,
runtime_tools-1.16.1
Predecessor: OTP 23.3.2
Check out the git tag OTP-23.3.3, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- common_test-1.20.2 ----------------------------------------------
---------------------------------------------------------------------
The common_test-1.20.2 application can be applied independently of
other applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17347 Application(s): common_test
Related Id(s): ERL-1439, GH-3480
Before this change Config leaked between test groups in
case of a subgroup was skipped (GH-3480).
Full runtime dependencies of common_test-1.20.2: compiler-6.0,
crypto-3.6, debugger-4.1, erts-7.0, ftp-1.0.0, inets-6.0, kernel-4.0,
observer-2.1, runtime_tools-1.8.16, sasl-2.4.2, snmp-5.1.2, ssh-4.0,
stdlib-3.5, syntax_tools-1.7, tools-2.8, xmerl-1.3.8
---------------------------------------------------------------------
--- compiler-7.6.8 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.6.8 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17357 Application(s): compiler
Related Id(s): GH-4774
Fixed a bug in the validator that could cause it to
reject valid code.
Full runtime dependencies of compiler-7.6.8: crypto-3.6, erts-11.0,
hipe-3.12, kernel-7.0, stdlib-3.13
---------------------------------------------------------------------
--- erl_interface-4.0.3 ---------------------------------------------
---------------------------------------------------------------------
The erl_interface-4.0.3 application can be applied independently of
other applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17358 Application(s): erl_interface
Related Id(s): ERL-ERL-610
Fix bug where sending of large data with
ei_send_*/ei_rpc with infinite timeout could fail when
the tcp buffer becomes full.
Fault has existed since OTP-21.
--- Known Bugs and Problems ---
OTP-16607 Application(s): erl_interface
Related Id(s): OTP-16608
The ei API for decoding/encoding terms is not fully
64-bit compatible since terms that have a
representation on the external term format larger than
2 GB cannot be handled.
---------------------------------------------------------------------
--- kernel-7.3.1 ----------------------------------------------------
---------------------------------------------------------------------
The kernel-7.3.1 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17361 Application(s): kernel
A bug in the Erlang DNS resolver has been fixed, where
it could be made to bring down the kernel supervisor
and thereby the whole node, when getting an incorrect
(IN A reply to an IN CNAME query) reply from the DNS
server and used the reply record's value without
verifying its type.
Full runtime dependencies of kernel-7.3.1: erts-11.0, sasl-3.0,
stdlib-3.13
---------------------------------------------------------------------
--- runtime_tools-1.16.1 --------------------------------------------
---------------------------------------------------------------------
The runtime_tools-1.16.1 application can be applied independently of
other applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-16930 Application(s): runtime_tools
Related Id(s): ERL-1371, GH-4396
The function dbg:n/1 used a local fun to set up a
tracer on a remote node. This works fine as long as the
remote node is running exactly the same version of
Erlang/OTP but does not work at all otherwise. This is
fixed by exporting the relevant function and by calling
this function on the remote node to set up remote
tracing.
Full runtime dependencies of runtime_tools-1.16.1: erts-11.0,
kernel-7.0, mnesia-4.12, stdlib-3.13
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
upstream changes:
-----------------
Patch Package: OTP 23.3.1
Git Tag: OTP-23.3.1
Date: 2021-03-30
Trouble Report Id: OTP-17279
Seq num:
System: OTP
Release: 23
Application: ssh-4.11.1
Predecessor: OTP 23.3
Check out the git tag OTP-23.3.1, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- ssh-4.11.1 ------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.11.1 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17279 Application(s): ssh
The idle_time timer was not cancelled when a channel
was opened within the timeout time on an empty
connection that have had channels previously.
Full runtime dependencies of ssh-4.11.1: crypto-4.6.4, erts-9.0,
kernel-5.3, public_key-1.6.1, stdlib-3.4.1
---------------------------------------------------------------------
Changes for 23.3 are at https://erlang.org/download/OTP-23.3.README
upstream changes:
-----------------
Patch Package: OTP 23.2.7
Git Tag: OTP-23.2.7
Date: 2021-03-03
Trouble Report Id: OTP-12960, OTP-17228
Seq num: ERIERL-598, ERIERL-614
System: OTP
Release: 23
Application: kernel-7.2.1, ssl-10.2.4
Predecessor: OTP 23.2.6
Check out the git tag OTP-23.2.7, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- kernel-7.2.1 ----------------------------------------------------
---------------------------------------------------------------------
The kernel-7.2.1 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-12960 Application(s): kernel
Related Id(s): ERIERL-598, PR-4509
When using the DNS resolver option
servfail_retry_timeout it did not honour the overall
call time-out in e.g inet_res:getbyname/3. This
misbehaviour has now been fixed. Also, the
servfail_retry_timeout behaviour has been improved to
only be enforced for servers that gives a servfail
answer.
Full runtime dependencies of kernel-7.2.1: erts-11.0, sasl-3.0,
stdlib-3.13
---------------------------------------------------------------------
--- ssl-10.2.4 ------------------------------------------------------
---------------------------------------------------------------------
The ssl-10.2.4 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17228 Application(s): ssl
Related Id(s): ERIERL-614
Enhance logging option log_level to support none and
all, also restore backwards compatibility for log_alert
option.
Full runtime dependencies of ssl-10.2.4: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.8, stdlib-3.12
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
upstream changes:
-----------------
Patch Package: OTP 23.2.6
Git Tag: OTP-23.2.6
Date: 2021-02-25
Trouble Report Id: OTP-17173, OTP-17205, OTP-17220
Seq num: ERIERL-581, ERIERL-608
System: OTP
Release: 23
Application: inets-7.3.2, ssh-4.10.8
Predecessor: OTP 23.2.5
Check out the git tag OTP-23.2.6, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- inets-7.3.2 -----------------------------------------------------
---------------------------------------------------------------------
The inets-7.3.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17205 Application(s): inets
Related Id(s): ERIERL-608
Solves CVE-2021-27563, that is make sure no form of
relative path can be used to go outside webservers
directory.
OTP-17220 Application(s): inets
Make sure HEAD requests rejects directory links
Full runtime dependencies of inets-7.3.2: erts-6.0, kernel-3.0,
mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5
---------------------------------------------------------------------
--- ssh-4.10.8 ------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.10.8 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17173 Application(s): ssh
Related Id(s): ERIERL-581
Don't timeout slow connection setups and tear-downs. A
rare crash risk for the controller is also removed.
Full runtime dependencies of ssh-4.10.8: crypto-4.6.4, erts-9.0,
kernel-5.3, public_key-1.6.1, stdlib-3.4.1
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Patch Package: OTP 23.2.5
Git Tag: OTP-23.2.5
Date: 2021-02-16
Trouble Report Id: OTP-17185, OTP-17190, OTP-17191
Seq num: ERIERL-606, ERL-1476, GH-4192
System: OTP
Release: 23
Application: erts-11.1.8, ssl-10.2.3, tools-3.4.3
Predecessor: OTP 23.2.4
Check out the git tag OTP-23.2.5, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- erts-11.1.8 -----------------------------------------------------
---------------------------------------------------------------------
The erts-11.1.8 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17185 Application(s): erts
Fixed a bug that could cause some work scheduled for
execution on scheduler threads to be delayed until
other similar work appeared. Beside delaying various
cleanup of internal data structures also the following
could be delayed:
-- Termination of a distribution controller process
-- Disabling of the distribution on a node
-- Gathering of memory allocator information using the
instrument module
-- Enabling, disabling, and gathering of msacc
information
-- Delivery of 'CHANGE' messages when time offset is
monitored
-- A call to erlang:cancel_timer()
-- A call to erlang:read_timer()
-- A call to erlang:statistics(io | garbage_collection
| scheduler_wall_time)
-- A call to ets:all()
-- A call to erlang:memory()
-- A call to erlang:system_info({allocator |
allocator_sizes, _})
-- A call to erlang:trace_delivered()
The bug existed on runtime systems running on all types
of hardware except for x86/x86_64.
Full runtime dependencies of erts-11.1.8: kernel-7.0, sasl-3.3,
stdlib-3.13
---------------------------------------------------------------------
--- ssl-10.2.3 ------------------------------------------------------
---------------------------------------------------------------------
The ssl-10.2.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17190 Application(s): ssl
Related Id(s): ERIERL-606
Avoid race when the first two upgrade server handshakes
(that is servers that use a gen_tcp socket as input to
ssl:handshake/2,3) start close to each other. Could
lead to that one of the handshakes would fail.
Full runtime dependencies of ssl-10.2.3: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.8, stdlib-3.12
---------------------------------------------------------------------
--- tools-3.4.3 -----------------------------------------------------
---------------------------------------------------------------------
The tools-3.4.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17191 Application(s): tools
Related Id(s): ERL-1476, GH-4192, OTP-16922
Correct the Xref analysis undefined_functions to not
report internally generated behaviour_info/1.
Full runtime dependencies of tools-3.4.3: compiler-5.0, erts-11.0,
erts-9.1, kernel-5.4, runtime_tools-1.8.14, stdlib-3.4
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Restore some PLIST content state from prior to the 23.2.4 update,
which mistakenly moved some hipe-related files that get built
universally to the PLIST.hipe list. The "--disable-hipe" option does
not impact everything. Build tested with the hipe option both enabled
and disabled. This should fix build breakages, e.g., NetBSD/aarch64.
(Separately, it's kind of unfortunate that this package uses both PLIST
variables and separate PLIST files to segment content driven by options.
It should really use one approach or the other consistently, but I
haven't touched that here.)
pkgsrc changes:
---------------
* Fix PLIST when the hive option is enabled.
upstream changes:
-----------------
Patch Package: OTP 23.2.4
Git Tag: OTP-23.2.4
Date: 2021-02-04
Trouble Report Id: OTP-16239, OTP-17139, OTP-17161, OTP-17174
Seq num: ERIERL-597, ERL-1458
System: OTP
Release: 23
Application: snmp-5.7.3, ssl-10.2.2
Predecessor: OTP 23.2.3
Check out the git tag OTP-23.2.4, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- snmp-5.7.3 ------------------------------------------------------
---------------------------------------------------------------------
The snmp-5.7.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17161 Application(s): snmp
[manager] In a function handling snmp errors, an unused
result (_Error) could result in matching issues and
therefor case clause runtime errors (crash). Note that
this would only happen in *very* unusual error cases.
Full runtime dependencies of snmp-5.7.3: crypto-3.3, erts-6.0,
kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- ssl-10.2.2 ------------------------------------------------------
---------------------------------------------------------------------
The ssl-10.2.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17139 Application(s): ssl
Related Id(s): ERL-1458, OTP-16239
Avoid that upgrade (from TCP to TLS) servers starts
multiple session cache handlers for the same server.
This applies to Erlang distribution over TLS servers.
OTP-17174 Application(s): ssl
Related Id(s): ERIERL-597
Legacy cipher suites defined before TLS-1.2 (but still
supported) should be possible to use in TLS-1.2. They
where accidentally excluded for available cipher suites
for TLS-1.2 in OTP-23.2.2.
--- Improvements and New Features ---
OTP-16239 Application(s): ssl
Related Id(s): ERL-1458, OTP-17139
Enable Erlang distribution over TLS to run TLS-1.3,
although TLS-1.2 will still be default.
Full runtime dependencies of ssl-10.2.2: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.8, stdlib-3.12
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Patch Package: OTP 23.2.3
Git Tag: OTP-23.2.3
Date: 2021-01-20
Trouble Report Id: OTP-17097, OTP-17107, OTP-17108, OTP-17110
Seq num: ERIERL-586, ERL-1442
System: OTP
Release: 23
Application: crypto-4.8.3, erts-11.1.7, snmp-5.7.2,
ssh-4.10.7
Predecessor: OTP 23.2.2
Check out the git tag OTP-23.2.3, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- crypto-4.8.3 ----------------------------------------------------
---------------------------------------------------------------------
The crypto-4.8.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17107 Application(s): crypto
Adding missing flag in BN-calls in SRP.
Full runtime dependencies of crypto-4.8.3: erts-9.0, kernel-5.3,
stdlib-3.4
---------------------------------------------------------------------
--- erts-11.1.7 -----------------------------------------------------
---------------------------------------------------------------------
The erts-11.1.7 application can be applied independently of other
applications on a full OTP 23 installation.
--- Improvements and New Features ---
OTP-17097 Application(s): erts
Make windows installer remove write access rights for
non admin users when installing to a non default
directory. Reduces the risk for DLL sideloading, but
the user should always be aware of the access rights
for the installation.
Full runtime dependencies of erts-11.1.7: kernel-7.0, sasl-3.3,
stdlib-3.13
---------------------------------------------------------------------
--- snmp-5.7.2 ------------------------------------------------------
---------------------------------------------------------------------
The snmp-5.7.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17110 Application(s): snmp
Related Id(s): ERIERL-586
[manager] Misspelled priv protocol (atom) made it
impossible to update usm user 'priv_key' configuration
for usmAesCfb128Protocol via function calls.
Full runtime dependencies of snmp-5.7.2: crypto-3.3, erts-6.0,
kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- ssh-4.10.7 ------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.10.7 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17108 Application(s): ssh
Related Id(s): ERL-1442
The SSH daemon erroneously replaced LF with CRLF also
when there was no pty requested from the server.
Full runtime dependencies of ssh-4.10.7: crypto-4.6.4, erts-9.0,
kernel-5.3, public_key-1.6.1, stdlib-3.4.1
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Since do-configure-pre-hook already depends on replace-interpreter, there
is no point in making any other stage depend on that as well. At best,
it has no effect. At worst it creates a hard-to-find difference between
builds that run "bmake install" directly and builds that split the build
into "bmake configure && bmake build && bmake install", as bulk builds
do.
This brings us up to the latest patch release for this branch before freeze...
--- Fixed Bugs and Malfunctions ---
OTP-16457 Application(s): diameter
The possibility of choosing a handler process for an
incoming Diameter request with a configured MFA was
documented in OTP 20.0, but counters (with
{traffic_counters, true}) were not incremented when
this process was on a remote node. Counters are now
incremented on the node that configures the transport
in question.
Introduced in OTP 21.3.
OTP-16459 Application(s): diameter
Transport options differing from those passed to
diameter:add_transport/2 were used in several
situations: when starting a transport process after
connect_timer expiry after an initial connection
attempt has failed, when starting a transport process
after a connection has been accepted, when sending
events, when returning options in
diameter:service_info/2, and possibly more. In
particular, the following configuration options to
diameter:add_transport/2 were dropped:
avp_dictionaries, incoming_maxlen, spawn_opt,
strict_mbit.
Moreover, any service options mistakenly passed to
diameter:add_transport/2 were interpreted as such,
instead of being ignored as the documentation states,
with the consequence that outgoing and incoming
requests saw different values of some options, some
were always taken from transport options, and others
from service options.
diameter:add_transport/2 must be called in new code for
the fix to have effect.
Introduced in OTP 20.1.
Full runtime dependencies of diameter-2.2.2: erts-10.0, kernel-3.2,
ssl-9.0, stdlib-2.4
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
