openSUSE Recommended Update: Recommended update for erlang ______________________________________________________________________________ Announcement ID: openSUSE-RU-2017:1597-1 Rating: low References: #1042887 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides erlang 18.3.4.5 and fixes the following issues: - crypto: Key exchange algorithms diffie-hellman-group-exchange-sha- optimized, up to a factor of 11 for the slowest ( = biggest and safest) one. - erts: A bug has been fixed where if erlang was started +B on a unix platform it would be killed by a SIGUSR2 signal when creating a crash dump. - erts: Calls to erl_drv_send_term() or erl_drv_output_term() from a non-scheduler thread while the corresponding port was invalid caused the emulator to enter an inconsistent state which eventually caused an emulator crash. - erts: Driver and NIF operations accessing processes or ports could cause an emulator crash when used from non-scheduler threads. - erts: Fix bug in binary_to_term for binaries created by term_to_binary with option compressed. The bug can cause badarg exception for a valid binary when Erlang VM is linked against a zlib library of version 1.2.9 or newer. Bug exists since OTP 17.0. - inets: Shutdown gracefully on connection or TLS handshake errors - ssh: The key exchange algorithm diffie-hellman-group-exchange-sha- has a server-option {dh_gex_limits,{Min,Max}}. There was a hostkey signature validation error on the client side if the option was used and the Min or the Max differed fromthe corresponding values obtained from the client. - ssh: Key exchange algorithms diffie-hellman-group-exchange-sha- optimized, up to a factor of 11 for the slowest ( = biggest and safest) one. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-704=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): erlang-18.3.4.5-2.4.2 erlang-debugger-18.3.4.5-2.4.2 erlang-debugger-src-18.3.4.5-2.4.2 erlang-debuginfo-18.3.4.5-2.4.2 erlang-debugsource-18.3.4.5-2.4.2 erlang-dialyzer-18.3.4.5-2.4.2 erlang-dialyzer-debuginfo-18.3.4.5-2.4.2 erlang-dialyzer-src-18.3.4.5-2.4.2 erlang-diameter-18.3.4.5-2.4.2 erlang-diameter-src-18.3.4.5-2.4.2 erlang-doc-18.3.4.5-2.4.2 erlang-epmd-18.3.4.5-2.4.2 erlang-epmd-debuginfo-18.3.4.5-2.4.2 erlang-et-18.3.4.5-2.4.2 erlang-et-src-18.3.4.5-2.4.2 erlang-gs-18.3.4.5-2.4.2 erlang-gs-src-18.3.4.5-2.4.2 erlang-jinterface-18.3.4.5-2.4.2 erlang-jinterface-src-18.3.4.5-2.4.2 erlang-observer-18.3.4.5-2.4.2 erlang-observer-src-18.3.4.5-2.4.2 erlang-reltool-18.3.4.5-2.4.2 erlang-reltool-src-18.3.4.5-2.4.2 erlang-src-18.3.4.5-2.4.2 erlang-wx-18.3.4.5-2.4.2 erlang-wx-debuginfo-18.3.4.5-2.4.2 erlang-wx-src-18.3.4.5-2.4.2 References: https://bugzilla.suse.com/1042887