chore(deps): update dependency erlang to v27.3 #123

Merged

joao.dubas merged 1 commits from renovate/erlang-27.x into main 2025-03-06 22:03:30 +00:00

Conversation 0 Commits 1 Files Changed 1 +1 -1

renovate-bot commented 2025-02-17 17:28:16 +00:00

Collaborator

Copy Link

This PR contains the following updates:

Package	Update	Change
erlang	minor	27.2.2 -> 27.3

---

Release Notes

erlang/otp (erlang)

v27.3: OTP 27.3

Compare Source

OTP 27.3

Erlang/OTP 27.3 is the third maintenance patch package for OTP 27, with mostly bug fixes as well as improvements.

For details about bugfixes and potential incompatibilities see the Erlang 27.3 README

The Erlang/OTP source can also be found at GitHub on the official Erlang repository,
https://github.com/erlang/otp

Download links for this and previous versions are found here:

• https://www.erlang.org/downloads

v27.2.4: OTP 27.2.4

Compare Source

Patch Package:           OTP 27.2.4
Git Tag:                 OTP-27.2.4
Date:                    2025-02-20
Trouble Report Id:       OTP-19438, OTP-19466
Seq num:                 CVE-2025-26618, ERIERL-1173, ERIERL-1180
System:                  OTP
Release:                 27
Application:             snmp-5.18.1, ssh-5.2.7
Predecessor:             OTP 27.2.3

Check out the git tag OTP-27.2.4, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

snmp-5.18.1

The snmp-5.18.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• SNMP Agent transports type (intAgentTransports) was incorrectly not documented
  as a list of transports. Also add a couple of config file generation examples.

  Own Id: OTP-19438
  Related Id(s): ERIERL-1180

Full runtime dependencies of snmp-5.18.1

crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14,
stdlib-5.0

ssh-5.2.7

The ssh-5.2.7 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• SFTP packets exceeding max packet size are not processed and dropped.

  Own Id: OTP-19466
  Related Id(s): ERIERL-1173, CVE-2025-26618

Full runtime dependencies of ssh-5.2.7

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

v27.2.3: OTP 27.2.3

Compare Source

Patch Package:           OTP 27.2.3
Git Tag:                 OTP-27.2.3
Date:                    2025-02-17
Trouble Report Id:       OTP-19457, OTP-19467, OTP-19486
Seq num:                 ERIERL-1189, ERIERL-1190, PR-9387, PR-9408,
                         PR-9418
System:                  OTP
Release:                 27
Application:             inets-9.3.2, ssl-11.2.8
Predecessor:             OTP 27.2.2

Check out the git tag OTP-27.2.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

inets-9.3.2

The inets-9.3.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Improved robustness of httpd startup procedure.

  Own Id: OTP-19486
  Related Id(s): ERIERL-1190, PR-9408

Full runtime dependencies of inets-9.3.2

erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14,
ssl-9.0, stdlib-5.0, stdlib-6.0

ssl-11.2.8

Note! The ssl-11.2.8 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Setting protocol version to a lower value then supported by default in server
  API function called after ssl:listen/2 could result in wrong default values
  being used and connections failing with insufficient security.

  Own Id: OTP-19457
  Related Id(s): PR-9418

• Improve error handling of server name indication fun. This implies that if the
  sni_fun returns undefined we will attempt connection with original option
  values, if it returns unrecognized we end the connection with
  UNRECOGNIZED_NAME alert and if provided options fail option verification we
  will end the connection with a HANDSHAKE_FAILURE and an error log.

  Own Id: OTP-19467
  Related Id(s): ERIERL-1189, PR-9387

Full runtime dependencies of ssl-11.2.8

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [erlang](https://github.com/erlang/otp) | minor | `27.2.2` -> `27.3` | --- ### Release Notes <details> <summary>erlang/otp (erlang)</summary> ### [`v27.3`](https://github.com/erlang/otp/releases/tag/OTP-27.3): OTP 27.3 [Compare Source](https://github.com/erlang/otp/compare/OTP-27.2.4...OTP-27.3) #### OTP 27.3 Erlang/OTP 27.3 is the third maintenance patch package for OTP 27, with mostly bug fixes as well as improvements. For details about bugfixes and potential incompatibilities see the [Erlang 27.3 README](https://erlang.org/download/OTP-27.3.README) The Erlang/OTP source can also be found at GitHub on the official Erlang repository, https://github.com/erlang/otp Download links for this and previous versions are found here: - [https://www.erlang.org/downloads](/downloads) ### [`v27.2.4`](https://github.com/erlang/otp/releases/tag/OTP-27.2.4): OTP 27.2.4 [Compare Source](https://github.com/erlang/otp/compare/OTP-27.2.3...OTP-27.2.4) Patch Package: OTP 27.2.4 Git Tag: OTP-27.2.4 Date: 2025-02-20 Trouble Report Id: OTP-19438, OTP-19466 Seq num: CVE-2025-26618, ERIERL-1173, ERIERL-1180 System: OTP Release: 27 Application: snmp-5.18.1, ssh-5.2.7 Predecessor: OTP 27.2.3 Check out the git tag OTP-27.2.4, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. ### snmp-5.18.1 The snmp-5.18.1 application can be applied independently of other applications on a full OTP 27 installation. #### Fixed Bugs and Malfunctions - SNMP Agent transports type (intAgentTransports) was incorrectly not documented as a list of transports. Also add a couple of config file generation examples. Own Id: OTP-19438\ Related Id(s): ERIERL-1180 > #### Full runtime dependencies of snmp-5.18.1 > > crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14, > stdlib-5.0 ### ssh-5.2.7 The ssh-5.2.7 application can be applied independently of other applications on a full OTP 27 installation. #### Fixed Bugs and Malfunctions - SFTP packets exceeding max packet size are not processed and dropped. Own Id: OTP-19466\ Related Id(s): ERIERL-1173, [CVE-2025-26618] > #### Full runtime dependencies of ssh-5.2.7 > > crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, > stdlib-5.0, stdlib-6.0 [CVE-2025-26618]: https://nvd.nist.gov/vuln/detail/CVE-2025-26618 ### [`v27.2.3`](https://github.com/erlang/otp/releases/tag/OTP-27.2.3): OTP 27.2.3 [Compare Source](https://github.com/erlang/otp/compare/OTP-27.2.2...OTP-27.2.3) Patch Package: OTP 27.2.3 Git Tag: OTP-27.2.3 Date: 2025-02-17 Trouble Report Id: OTP-19457, OTP-19467, OTP-19486 Seq num: ERIERL-1189, ERIERL-1190, PR-9387, PR-9408, PR-9418 System: OTP Release: 27 Application: inets-9.3.2, ssl-11.2.8 Predecessor: OTP 27.2.2 Check out the git tag OTP-27.2.3, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. ### inets-9.3.2 The inets-9.3.2 application can be applied independently of other applications on a full OTP 27 installation. #### Fixed Bugs and Malfunctions - Improved robustness of httpd startup procedure. Own Id: OTP-19486\ Related Id(s): ERIERL-1190, [PR-9408] > #### Full runtime dependencies of inets-9.3.2 > > erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, > ssl-9.0, stdlib-5.0, stdlib-6.0 ### ssl-11.2.8 Note! The ssl-11.2.8 application *cannot* be applied independently of other applications on an arbitrary OTP 27 installation. On a full OTP 27 installation, also the following runtime dependency has to be satisfied: -- public_key-1.16.4 (first satisfied in OTP 27.1.3) #### Fixed Bugs and Malfunctions - Setting protocol version to a lower value then supported by default in server API function called after ssl:listen/2 could result in wrong default values being used and connections failing with insufficient security. Own Id: OTP-19457\ Related Id(s): [PR-9418] - Improve error handling of server name indication fun. This implies that if the `sni_fun` returns `undefined` we will attempt connection with original option values, if it returns `unrecognized` we end the connection with UNRECOGNIZED_NAME alert and if provided options fail option verification we will end the connection with a HANDSHAKE_FAILURE and an error log. Own Id: OTP-19467\ Related Id(s): ERIERL-1189, [PR-9387] > #### Full runtime dependencies of ssl-11.2.8 > > crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4, > runtime_tools-1.15.1, stdlib-6.0 [PR-9387]: https://github.com/erlang/otp/pull/9387 [PR-9408]: https://github.com/erlang/otp/pull/9408 [PR-9418]: https://github.com/erlang/otp/pull/9418 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS45OC4wIiwidXBkYXRlZEluVmVyIjoiMzkuOTguMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

renovate-bot added 1 commit 2025-02-17 17:28:17 +00:00

chore(deps): update dependency erlang to v27.2.3 96e0e7ff77

renovate-bot changed title from chore(deps): update dependency erlang to v27.2.3 to chore(deps): update dependency erlang to v27.2.4 2025-02-20 15:42:03 +00:00

renovate-bot force-pushed renovate/erlang-27.x from 96e0e7ff77 to c2efb9037b 2025-02-20 15:42:04 +00:00 Compare

renovate-bot changed title from chore(deps): update dependency erlang to v27.2.4 to chore(deps): update dependency erlang to v27.3 2025-03-05 09:56:40 +00:00

renovate-bot force-pushed renovate/erlang-27.x from c2efb9037b to a34cf917ab 2025-03-05 09:56:44 +00:00 Compare

joao.dubas merged commit ab2ade294e into main 2025-03-06 22:03:30 +00:00

joao.dubas deleted branch renovate/erlang-27.x 2025-03-06 22:03:30 +00:00

joao.dubas referenced this issue from a commit 2025-03-06 22:03:33 +00:00

chore(deps): update dependency erlang to v27.3 (#123)

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

renovate-bot joao.dubas

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: joao.dubas/ex_trainer#123

No description provided.