Prepare release

erts/doc/src/notes.xml

@@ -31,6 +31,23 @@
   </header>
   <p>This document describes the changes made to the ERTS application.</p>
 
+<section><title>Erts 13.2.2.12</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>Fix lock order violation if a NIF monitor <c>down</c>
+	    callback calls <c>enif_whereis_pid</c>. Would cause debug
+	    emulator to crash but could potentially lead to deadlocks
+	    in optimized emulator.</p>
+          <p>
+	    Own Id: OTP-19330 Aux Id: GH-8983, PR-9008 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Erts 13.2.2.11</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>

erts/vsn.mk

@@ -18,7 +18,7 @@
 # %CopyrightEnd%
 # 
 
-VSN = 13.2.2.11
+VSN = 13.2.2.12
 
 # Port number 4365 in 4.2
 # Port number 4366 in 4.3

lib/common_test/doc/src/notes.xml

@@ -33,6 +33,23 @@
     <file>notes.xml</file>
     </header>
 
+<section><title>Common_Test 1.24.0.5</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>With this change, cth_surefire hook module handles
+	    group path reduction for a skipped group. This fixes a
+	    bug manifesting with improper group path for a group
+	    executed after a group which was skipped.</p>
+          <p>
+	    Own Id: OTP-19365 Aux Id: ERIERL-1157, PR-9080 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Common_Test 1.24.0.4</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>

lib/common_test/vsn.mk

@@ -1 +1 @@
-COMMON_TEST_VSN = 1.24.0.4
+COMMON_TEST_VSN = 1.24.0.5

lib/inets/doc/src/notes.xml

@@ -33,7 +33,25 @@
     <file>notes.xml</file>
   </header>
 
-  <section><title>Inets 8.3.1.4</title>
+  <section><title>Inets 8.3.1.5</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>Fixed a bug where calling httpc:set_options/2 when one
+	    of keys: <i>ipfamily</i> or <i>unix_socket</i>, was not
+	    present, would cause the other value to get overriden by
+	    the default value. The validation of these options was
+	    also improved.</p>
+          <p>
+	    Own Id: OTP-19379 Aux Id: PR-8878, GH-8829 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>Inets 8.3.1.4</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
       <list>

lib/inets/vsn.mk

@@ -19,6 +19,6 @@
 # %CopyrightEnd%
 
 APPLICATION = inets
-INETS_VSN   = 8.3.1.4
+INETS_VSN   = 8.3.1.5
 PRE_VSN     =
 APP_VSN     = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)"

lib/public_key/doc/src/notes.xml

@@ -35,6 +35,33 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Public_Key 1.13.3.5</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>If both <c>ext-key-usage</c> and <c>key-usage</c> are
+	    defined for a certificate it should be checked that these
+	    usages are consistent with each other. This will have the
+	    affect that such certificates where the
+	    <c>ext-key-usages</c> is marked as critical and the
+	    usages is consistent with the <c>key-use</c> it can be
+	    considered valid without mandatory application specific
+	    checks for the <c>ext-key-useage</c> extension. </p>
+          <p>
+	    Own Id: OTP-19240 Aux Id: PR-8840, OTP-19532 </p>
+        </item>
+        <item>
+	    <p>Handle decoding of EDDSA key properly, when decoding a
+	    PEM file that contains only the public EDDSA key. </p>
+          <p>
+	    Own Id: OTP-19350 Aux Id: GH-9009, PR-9053 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Public_Key 1.13.3.4</title>
 
     <section><title>Improvements and New Features</title>

lib/public_key/vsn.mk

@@ -1 +1 @@
-PUBLIC_KEY_VSN = 1.13.3.4
+PUBLIC_KEY_VSN = 1.13.3.5

lib/ssh/doc/src/notes.xml

@@ -30,6 +30,22 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Ssh 4.15.3.8</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>With this change, ssh connection does not crash upon
+	    receiving exit-signal message for an already terminated
+	    channel.</p>
+          <p>
+	    Own Id: OTP-19326 Aux Id: PR-8995, GH-8929 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Ssh 4.15.3.7</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>

lib/ssh/vsn.mk

@@ -1,4 +1,4 @@
 #-*-makefile-*-   ; force emacs to enter makefile-mode
 
-SSH_VSN = 4.15.3.7
+SSH_VSN = 4.15.3.8
 APP_VSN    = "ssh-$(SSH_VSN)"

lib/ssl/doc/src/notes.xml

@@ -27,6 +27,42 @@
   </header>
   <p>This document describes the changes made to the SSL application.</p>
 
+<section><title>SSL 10.9.1.7</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>Avoid generating an internal alert for case that
+	    should have been an orderly shutdown by the supervisor.
+	    </p>
+          <p>
+	    Own Id: OTP-19311 Aux Id: PR-8980 </p>
+        </item>
+        <item>
+	    <p>If present, extended key-usage TLS (SSL) role check
+	    (<c>pk-clientAuth</c>, <c>pk-serverAuth</c>) should
+	    always be performed for peer-cert. An intermediate CA
+	    cert may relax the requirement if
+	    <c>AnyExtendedKeyUsage</c> purpose is present.</p>
+	    <p>In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these
+	    requirements became too relaxed. There where two
+	    problems, firstly the peer cert extension was only
+	    checked if it was marked critical, and secondly the CA
+	    cert check did not assert the relaxed
+	    <c>AnyExtendedKeyUsage</c> purpose.</p>
+	    <p>This could result in that certificates might be
+	    misused for purposes not intended by the certificate
+	    authority.</p>
+	    <p>Thanks to Bryan Paxton for reporting the issue.</p>
+          <p>
+	    Own Id: OTP-19352 Aux Id: PR-9130, CVE-2024-53846,
+	    OTP-19240 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>SSL 10.9.1.6</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>

lib/ssl/vsn.mk

@@ -1 +1 @@
-SSL_VSN = 10.9.1.6
+SSL_VSN = 10.9.1.7

lib/stdlib/doc/src/notes.xml

@@ -31,6 +31,20 @@
   </header>
   <p>This document describes the changes made to the STDLIB application.</p>
 
+<section><title>STDLIB 4.3.1.6</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>Fixed an error in uri_string:percent_decode spec</p>
+          <p>
+	    Own Id: OTP-19380 Aux Id: GH-8755 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>STDLIB 4.3.1.5</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>

lib/stdlib/vsn.mk

@@ -1 +1 @@
-STDLIB_VSN = 4.3.1.5
+STDLIB_VSN = 4.3.1.6

make/otp_version_tickets

@@ -1,15 +1,9 @@
-OTP-19124
-OTP-19158
-OTP-19221
-OTP-19236
-OTP-19238
-OTP-19246
-OTP-19247
-OTP-19252
-OTP-19256
-OTP-19257
-OTP-19265
-OTP-19266
-OTP-19269
-OTP-19274
-OTP-19284
+OTP-19240
+OTP-19311
+OTP-19326
+OTP-19330
+OTP-19350
+OTP-19352
+OTP-19365
+OTP-19379
+OTP-19380