Erlang/OTP 21.3.8.13

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl or asdf).

docker run -it erlang:21.3.8.13
Patch Package OTP 21.3.8.13
Git Tag OTP-21.3.8.13
Date 2020-02-03
Issue Id
System OTP
Release 21
Application

erts-10.3.5.9 #

Note! The erts-10.3.5.9 application *cannot* be applied independently of other applications on an arbitrary OTP 21 installation. On a full OTP 21 installation, also the following runtime dependencies have to be satisfied: -- kernel-6.1 (first satisfied in OTP 21.1) -- sasl-3.3 (first satisfied in OTP 21.2)

OTP-16436
Application(s):
erts
Related Id(s):
ERL-1152

A process could end up in a state where it got endlessly rescheduled without making any progress. This occurred when a system task, such as check of process code (part of a code purge), was scheduled on a high priority process trying to execute on a dirty scheduler.

OTP-16438
Application(s):
erts

Fixed bug in erlang:list_to_ref/1 when called with a reference created by a remote note. Function list_to_ref/1 is intended for debugging and not to be used in application programs. Bug exist since OTP 20.0.

Full runtime dependencies of erts-10.3.5.9: kernel-6.1, sasl-3.3, stdlib-3.5

stdlib-3.8.2.3 #

The stdlib-3.8.2.3 application can be applied independently of other applications on a full OTP 21 installation.

OTP-16441
Application(s):
stdlib

A directory traversal vulnerability has been eliminated in erl_tar. erl_tar will now refuse to extract symlinks that points outside the targeted extraction directory and will return {error,{Path,unsafe_symlink}}. (Thanks to Eric Meadows-Jönsson for the bug report and for suggesting a fix.)

Full runtime dependencies of stdlib-3.8.2.3: compiler-5.0, crypto-3.3, erts-10.0, kernel-6.0, sasl-3.0