Erlang/OTP 22.3.1

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl or asdf).

docker run -it erlang:22.3.1
Patch Package OTP 22.3.1
Git Tag OTP-22.3.1
Date 2020-04-06
Issue Id
ERIERL-481
ERIERL-482
System OTP
Release 22
Application
Potential Incompatibilities

Potential Incompatibilities #

OTP-16556
Application(s):
inets

Remove use of http_uri and mod_esi eval API.

This is a backport from OTP 23 that improves the check of URIs to ensure that invalid URIs does not cause vulnerabilities. This will render the deprecated mod_esi eval API unusable as it used URI that does not conform to valid URI syntax.

OTP-22.3.1 #

OTP-16574
Application(s):
otp
Related Id(s):
ERL-1205

OTP would not build with Xcode 11.4 on macOS Catalina (10.15).

compiler-7.5.4 #

The compiler-7.5.4 application can be applied independently of other applications on a full OTP 22 installation.

OTP-16580
Application(s):
compiler
Related Id(s):
ERL-1212

Fixed a bug in the validator that could cause it to reject valid code.

Full runtime dependencies of compiler-7.5.4: crypto-3.6, erts-9.0, hipe-3.12, kernel-4.0, stdlib-2.5

erts-10.7.1 #

Note! The erts-10.7.1 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- kernel-6.5.1 (first satisfied in OTP 22.2)

OTP-16553
Application(s):
erts, stdlib

re:run(Subject, RE, [unicode]) returned nomatch instead of failing with a badarg error exception when Subject contained illegal utf8 and RE was passed as a binary. This has been corrected along with corrections of reduction counting in re:run() error cases.

OTP-16555
Application(s):
erts
Related Id(s):
ERL-1188

Fixed a bug that could cause the emulator to crash when purging modules or persistent terms.

OTP-16572
Application(s):
erts
Related Id(s):
ERL-1199 , OTP-16269

Fixed a bug in a receive optimization. This could cause a receive not to match even though a matching message was present in the message queue. This bug was introduced in ERTS version 10.6 (OTP 22.2).

Full runtime dependencies of erts-10.7.1: kernel-6.5.1, sasl-3.3, stdlib-3.5

inets-7.1.3 #

The inets-7.1.3 application can be applied independently of other applications on a full OTP 22 installation.

OTP-16556
Application(s):
inets

*** POTENTIAL INCOMPATIBILITY ***

Remove use of http_uri and mod_esi eval API.

This is a backport from OTP 23 that improves the check of URIs to ensure that invalid URIs does not cause vulnerabilities. This will render the deprecated mod_esi eval API unusable as it used URI that does not conform to valid URI syntax.

Full runtime dependencies of inets-7.1.3: erts-6.0, kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5

ssl-9.6.1 #

Note! The ssl-9.6.1 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- public_key-1.7.2 (first satisfied in OTP 22.3)

OTP-16567
Application(s):
ssl
Related Id(s):
ERIERL-481

Correct error handling when the partial_chain fun claims a certificate to be the trusted cert that is not part of the chain. This bug would hide the appropriate alert generating an "INTERNAL_ERROR" alert instead.

Full runtime dependencies of ssl-9.6.1: crypto-4.2, erts-10.0, inets-5.10.7, kernel-6.0, public_key-1.7.2, stdlib-3.5

stdlib-3.12.1 #

Note! The stdlib-3.12.1 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- erts-10.7.1 (first satisfied in OTP 22.3.1)

OTP-16553
Application(s):
erts, stdlib

re:run(Subject, RE, [unicode]) returned nomatch instead of failing with a badarg error exception when Subject contained illegal utf8 and RE was passed as a binary. This has been corrected along with corrections of reduction counting in re:run() error cases.

Full runtime dependencies of stdlib-3.12.1: compiler-5.0, crypto-3.3, erts-10.7.1, kernel-6.0, sasl-3.0

xmerl-1.3.24 #

The xmerl-1.3.24 application can be applied independently of other applications on a full OTP 22 installation.

OTP-16578
Application(s):
xmerl
Related Id(s):
ERIERL-482

Fix a performance problem when using internal general references in XML content.

Full runtime dependencies of xmerl-1.3.24: erts-6.0, kernel-3.0, stdlib-2.5