Patch Package OTP 26.2.5.12 Released

Patch Package:           OTP 26.2.5.12
Git Tag:                 OTP-26.2.5.12
Date:                    2025-05-08
Trouble Report Id:       OTP-19577, OTP-19599, OTP-19600, OTP-19602,
                         OTP-19605, OTP-19608, OTP-19625
Seq num:                 CVE-2025-46712, ERIERL-1220, GH-9707,
                         GH-9715, GH-9720, PR-9696, PR-9724, PR-9737,
                         PR-9753, PR-9765, PR-9767
System:                  OTP
Release:                 26
Application:             compiler-8.4.3.3, erts-14.2.5.10,
                         kernel-9.2.4.8, ssh-5.1.4.9, xmerl-1.3.34.3
Predecessor:             OTP 26.2.5.11

 Check out the git tag OTP-26.2.5.12, and build a full OTP system
 including documentation. Apply one or more applications from this
 build as patches to your installation using the 'otp_patch_apply'
 tool. For information on install requirements, see descriptions for
 each application version below.

 ---------------------------------------------------------------------
 --- compiler-8.4.3.3 ------------------------------------------------
 ---------------------------------------------------------------------

 The compiler-8.4.3.3 application can be applied independently of
 other applications on a full OTP 26 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-19600    Application(s): compiler
               Related Id(s): GH-9715, PR-9737

               Fix a bug where unloaded nifs can crash the compiler.


 Full runtime dependencies of compiler-8.4.3.3: crypto-5.1, erts-13.0,
 kernel-8.4, stdlib-5.0


 ---------------------------------------------------------------------
 --- erts-14.2.5.10 --------------------------------------------------
 ---------------------------------------------------------------------

 The erts-14.2.5.10 application can be applied independently of other
 applications on a full OTP 26 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-19577    Application(s): erts
               Related Id(s): ERIERL-1220, PR-9696

               Fixed an emulator crash when setting an error_handler
               module that was not yet loaded.


  OTP-19599    Application(s): erts
               Related Id(s): PR-9724

               Fixed a rare bug that could cause an emulator crash
               after unloading a module or erasing a persistent_term.


 Full runtime dependencies of erts-14.2.5.10: kernel-9.0, sasl-3.3,
 stdlib-4.1


 ---------------------------------------------------------------------
 --- kernel-9.2.4.8 --------------------------------------------------
 ---------------------------------------------------------------------

 The kernel-9.2.4.8 application can be applied independently of other
 applications on a full OTP 26 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-19605    Application(s): kernel
               Related Id(s): GH-9720, PR-9765

               With this change, disk_log will not crash when using
               chunk_step/3 after log size was decreased.


  OTP-19608    Application(s): kernel
               Related Id(s): GH-9707, PR-9767

               With this change, disk_log will not run into infinite
               loop when using chunk/2,3 after log size was decreased.


 Full runtime dependencies of kernel-9.2.4.8: crypto-5.0, erts-14.0,
 sasl-3.0, stdlib-5.0


 ---------------------------------------------------------------------
 --- ssh-5.1.4.9 -----------------------------------------------------
 ---------------------------------------------------------------------

 The ssh-5.1.4.9 application can be applied independently of other
 applications on a full OTP 26 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-19625    Application(s): ssh
               Related Id(s): CVE-2025-46712

               Fix KEX strict implementation according to
               draft-miller-sshm-strict-kex-01 document.


 Full runtime dependencies of ssh-5.1.4.9: crypto-5.0, erts-14.0,
 kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0,
 stdlib-5.0


 ---------------------------------------------------------------------
 --- xmerl-1.3.34.3 --------------------------------------------------
 ---------------------------------------------------------------------

 The xmerl-1.3.34.3 application can be applied independently of other
 applications on a full OTP 26 installation.

 --- Improvements and New Features ---

  OTP-19602    Application(s): xmerl
               Related Id(s): PR-9753

               A new option to discard whitespace before the xml tag
               when reading from a stream has been added to the Xmerl
               SAX parser.

               -- {discard_ws_before_xml_document, Boolean} -- Discard
               whitespace before xml tag instead of returning a fatal
               error if set to true (false is default)


 Full runtime dependencies of xmerl-1.3.34.3: erts-6.0, kernel-8.4,
 stdlib-2.5


 ---------------------------------------------------------------------
 --- Thanks to -------------------------------------------------------
 ---------------------------------------------------------------------

 João Henrique Ferreira de Freitas, Lý Nhật Tâm


 ---------------------------------------------------------------------
 ---------------------------------------------------------------------
 ---------------------------------------------------------------------
2 Likes