Revisions of erlang

Matwey Kornilov (matwey) accepted request 656598 from Matwey Kornilov (matwey) (revision 10)
- Update to 18.3.4.11 (boo#1118867).
- Changes for 18.3.4.11:
  * stdlib: List subtraction (The -- operator) will now yield
    properly on large inputs.
  * erts: List subtraction (The -- operator) will now yield properly
    on large inputs.
- Changes for 18.3.4.10:
  * erts: Fixed small memory leak that could occur when sending to a
    terminating port.
Matwey Kornilov (matwey) accepted request 629280 from Matwey Kornilov (matwey) (revision 9)
- Update to 18.3.4.9:
  * ssh: Fix rare spurious shutdowns of ssh servers when
    receiving {'EXIT',_,normal} messages.
Matwey Kornilov (matwey) accepted request 596494 from Matwey Kornilov (matwey) (revision 8)
- Update to 18.3.4.8:
  * ssh: Default exec is disabled when a user-defined shell is
    enabled
Matwey Kornilov (matwey) accepted request 545685 from Matwey Kornilov (matwey) (revision 7)
- Update to 18.3.4.7:
  * ssl: An erlang TLS server configured with cipher suites using
    rsa key exchange, may be vulnerable to an Adaptive Chosen
    Ciphertext attack (AKA Bleichenbacher attack) against RSA,
    which when exploited, may result in plaintext recovery of
    encrypted messages and/or a Man-in-the-middle (MiTM) attack,
    despite the attacker not having gained access to the server’s
    private key itself. CVE-2017-1000385
    Exploiting this vulnerability to perform plaintext recovery of
    encrypted messages will, in most practical cases, allow an
    attacker to read the plaintext only after the session has
    completed. Only TLS sessions established using RSA key exchange
    are vulnerable to this attack.
    Exploiting this vulnerability to conduct a MiTM attack requires
    the attacker to complete the initial attack, which may require
    thousands of server requests, during the handshake phase of the
    targeted session within the window of the configured handshake
    timeout. This attack may be conducted against any TLS session
    using RSA signatures, but only if cipher suites using RSA key
    exchange are also enabled on the server. The limited window of
    opportunity, limitations in bandwidth, and latency make this
    attack significantly more difficult to execute.
    RSA key exchange is enabled by default although least
    prioritized if server order is honored. For such a cipher suite
    to be chosen it must also be supported by the client and
    probably the only shared cipher suite.
    Captured TLS sessions encrypted with ephemeral cipher suites
    (DHE or ECDHE) are not at risk for subsequent decryption due to
    this vulnerability.
Matwey Kornilov (matwey) accepted request 544610 from Matwey Kornilov (matwey) (revision 6)
- Add 0001-Add-structure-for-mutual-recursion-detection-in-ePCR.patch
  0002-fix-find_fixedlen-stk-overflow-w-mutual-recursion.patch
  0003-Fix-heap-overflow-with-unmatched-closing-parens.patch:
  fix bno#1030062 (CVE-2016-10253) 
Matwey Kornilov (matwey) accepted request 542714 from Matwey Kornilov (matwey) (revision 5)
- Update to 18.3.4.6:
  * compiler: Fail labels on guard BIFs weren't taken into account
    during an optimization pass, and a bug in the validation pass
    sometimes prevented this from being noticed when a fault
    occurred.
  * eldap: Misc building environment updates
  * erts: Fix performance bug in pre-allocators that could cause
    them to permanently fall back on normal more expensive memory
    allocation. Pre-allocators are used for quick allocation of
    short lived meta data used by messages and other scheduled
    tasks. Bug exists since OTP_R15B02.
  * erts: Fixed bug in operator bxor causing erroneous result when
    one operand is a big *negative* integer with the lowest N*W
    bits as zero and the other operand not larger than N*W bits. N
    is an integer of 1 or larger and W is 32 or 64 depending on
    word size.
  * erts: A timer internal bit-field used for storing scheduler id
    was too small. As a result, VM internal timer data structures
    could become inconsistent when using 1024 schedulers on the
    system. Note that systems with less than 1024 schedulers are
    not affected by this bug.
  * erts: Fixed bug in binary_to_term and binary_to_atom that could
    cause VM crash. Typically happens when the last character of an
    UTF8 string is in the range 128 to 255, but truncated to only
    one byte. Bug exists in binary_to_term since ERTS version
    5.10.2 (OTP_R16B01) and binary_to_atom since ERTS version 9.0
    (OTP-20.0).
  * ssh: Trailing white space was removed at end of the
    hello-string. This caused interoperability problems with some
    other ssh-implementations (e.g OpenSSH 7.3p1 on Solaris 11)
Matwey Kornilov (matwey) accepted request 454239 from Matwey Kornilov (matwey) (revision 4)
- Update to 18.3.4.5:
  * crypto: Key exchange algorithms
    diffie-hellman-group-exchange-sha* optimized, up to a factor of
    11 for the slowest ( = biggest and safest) one.
  * erts: A bug has been fixed where if erlang was started +B on a
    unix platform it would be killed by a SIGUSR2 signal when
    creating a crash dump.
  * erts: Calls to erl_drv_send_term() or erl_drv_output_term()
    from a non-scheduler thread while the corresponding port was
    invalid caused the emulator to enter an inconsistent state
    which eventually caused an emulator crash.
  * erts: Driver and NIF operations accessing processes or ports
    could cause an emulator crash when used from non-scheduler
    threads. 
  * erts: Fix bug in binary_to_term for binaries created by
    term_to_binary with option compressed. The bug can cause badarg
    exception for a valid binary when Erlang VM is linked against a
    zlib library of version 1.2.9 or newer. Bug exists since OTP
    17.0.
  * inets: Shutdown gracefully on connection or TLS handshake
    errors
  * ssh: The key exchange algorithm
    diffie-hellman-group-exchange-sha* has a server-option
    {dh_gex_limits,{Min,Max}}. There was a hostkey signature
    validation error on the client side if the option was used and
    the Min or the Max differed from the corresponding values
    obtained from the client.
  * ssh: Key exchange algorithms diffie-hellman-group-exchange-sha*
    optimized, up to a factor of 11 for the slowest ( = biggest and
    safest) one.
Matwey Kornilov (matwey) committed (revision 1)
osc copypac from project:openSUSE:Leap:42.2 package:erlang revision:4
Displaying all 10 revisions