chore(deps): update dependency erlang to v27

[renovate]

This PR contains the following updates:

Package	Update	Change
erlang	major	24.1.7 -> 27.3.3

---

Release Notes

erlang/otp (erlang)

v27.3.3

Compare Source

v27.3.2: OTP 27.3.2

Compare Source

Patch Package:           OTP 27.3.2
Git Tag:                 OTP-27.3.2
Date:                    2025-04-04
Trouble Report Id:       OTP-19482, OTP-19560, OTP-19561, OTP-19562,
                         OTP-19563, OTP-19564, OTP-19565, OTP-19567,
                         OTP-19568, OTP-19569, OTP-19571
Seq num:                 ERIERL-1207, ERIERL-1208, ERIERL-1210,
                         ERIERL-1211, ERIERL-1212, ERIERL-1214,
                         ERIERL-1216, GH-9541, PR-9650, PR-9658,
                         PR-9661, PR-9676
System:                  OTP
Release:                 27
Application:             asn1-5.3.4, compiler-8.6.1, erts-15.2.5,
                         kernel-10.2.5, megaco-4.7.1, snmp-5.18.2,
                         ssl-11.2.11, xmerl-2.1.2
Predecessor:             OTP 27.3.1

Check out the git tag OTP-27.3.2, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

asn1-5.3.4

The asn1-5.3.4 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Negative REAL numbers greater than -1 would be incorrectly encoded (the minus
  sign would be lost).

  Own Id: OTP-19567
  Related Id(s): ERIERL-1214, PR-9658

Full runtime dependencies of asn1-5.3.4

erts-14.0, kernel-9.0, stdlib-5.0

compiler-8.6.1

The compiler-8.6.1 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fix the compiler crash when the inner-most tuple in a nested tuple with 3
  layers is updated.

  Own Id: OTP-19561
  Related Id(s): ERIERL-1208, ERIERL-1210, PR-9650

Full runtime dependencies of compiler-8.6.1

crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0

erts-15.2.5

The erts-15.2.5 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• On Windows, using socket:sendv, a large IOV (size > MAX), the tail was not
  sent.

  Own Id: OTP-19482

• Uplift pcre 8.44 to pcre 8.45

  Own Id: OTP-19565

Full runtime dependencies of erts-15.2.5

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.5

Note! The kernel-10.2.5 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.2.5 (first satisfied in OTP 27.3.2)

Fixed Bugs and Malfunctions

• On Windows, using socket:sendv, a large IOV (size > MAX), the tail was not
  sent.

  Own Id: OTP-19482

• gen_tcp connect with a sockaddr with loopback address failed.

  Own Id: OTP-19560
  Related Id(s): GH-9541

• Remove debug printouts from gen_tcp_socket

  Own Id: OTP-19564

Full runtime dependencies of kernel-10.2.5

crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0

megaco-4.7.1

The megaco-4.7.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Correct type spec for ActionReply

  Own Id: OTP-19563
  Related Id(s): ERIERL-1216

Full runtime dependencies of megaco-4.7.1

asn1-3.0, debugger-4.0, erts-12.0, et-1.5, kernel-8.0, runtime_tools-1.8.14,
stdlib-2.5

snmp-5.18.2

The snmp-5.18.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• When manager receives an v3 inform (request) it used engine-id and full
  address (including port number) to check if engine was known. This did not
  work if agent used ephemeral ports for notifications. Has now been changed to
  only use (context) engine-id and address (without port).

  Own Id: OTP-19562
  Related Id(s): ERIERL-1207

• Fixed snmp_generic (dialyzer) spec for function table_func.

  Own Id: OTP-19568
  Related Id(s): ERIERL-1211

Full runtime dependencies of snmp-5.18.2

crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14,
stdlib-5.0

ssl-11.2.11

Note! The ssl-11.2.11 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Correct the debug functionality for NSS keylogging for TLS-1.3 introduced in
  OTP-27.3.1 so that TLS-1.3 key updates items always get correct counter value
  and each item is logged as one single line.

  Own Id: OTP-19569
  Related Id(s): PR-9661

Full runtime dependencies of ssl-11.2.11

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

xmerl-2.1.2

The xmerl-2.1.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Corrected faulty type specification

  Corrected type specification for the input parameter of xmerl_xs:value_of/1.

  Also replaced underscore in the return type specifications of
  xmerl_xs:select/2, xmerl_xpath:string/2 and xmerl_xpath:string/3 with
  specified return values to improve documentation.

  Own Id: OTP-19571
  Related Id(s): ERIERL-1212, PR-9676

Full runtime dependencies of xmerl-2.1.2

erts-6.0, kernel-8.4, stdlib-2.5

Thanks to

Björn Gustavsson

v27.3.1: OTP 27.3.1

Compare Source

Patch Package:           OTP 27.3.1
Git Tag:                 OTP-27.3.1
Date:                    2025-03-28
Trouble Report Id:       OTP-19391, OTP-19437, OTP-19469, OTP-19525,
                         OTP-19527, OTP-19529, OTP-19542, OTP-19543,
                         OTP-19545, OTP-19546, OTP-19547, OTP-19548,
                         OTP-19549, OTP-19559
Seq num:                 #​9172, CVE-2025-30211, ERIERL-1204,
                         ERIERL-1205, ERIERL-1206, GH-8891, GH-9483,
                         GH-9554, OTP-19472, OTP-19544, PR-9221,
                         PR-9486, PR-9534, PR-9545, PR-9553, PR-9577,
                         PR-9587, PR-9588, PR-9596, PR-9611, PR-9612
System:                  OTP
Release:                 27
Application:             asn1-5.3.3, erts-15.2.4, kernel-10.2.4,
                         mnesia-4.23.5, ssh-5.2.9, ssl-11.2.10,
                         stdlib-6.2.2
Predecessor:             OTP 27.3

Check out the git tag OTP-27.3.1, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

OTP-27.3.1

Fixed Bugs and Malfunctions

• Update used ExDoc version to v0.37.3

  Own Id: OTP-19525
  Related Id(s): PR-9553

asn1-5.3.3

The asn1-5.3.3 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• The JER backend will now include the SIZE constraint in the type info for
  OCTET STRINGs, and a SIZE constraint with a range will now be included for BIT
  STRINGs. This does not change the actual encoding or decoding of JER, but can
  be useful for tools.

  Own Id: OTP-19542
  Related Id(s): ERIERL-1204, PR-9588

Improvements and New Features

• When using the JSON encoding rules, it is now possible to call the decode/2
  function in the following way with data that has already been decoded by
  json:decode/1:

  SomeModule:decode(Type, {json_decoded, Decoded}).
  

  Own Id: OTP-19547
  Related Id(s): ERIERL-1206, PR-9611

Full runtime dependencies of asn1-5.3.3

erts-14.0, kernel-9.0, stdlib-5.0

erts-15.2.4

The erts-15.2.4 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Behavior for socket:recv/3 has been improved. The behavior has also been
  clarified in the documentation.

  Own Id: OTP-19469
  Related Id(s): #​9172

• Trace messages due to receive tracing could potentially be delayed a very
  long time if the traced process waited in a receive expression without
  clauses matching on messages (timed wait), or just did not enter a receive
  expression for a very long time.

  Own Id: OTP-19527
  Related Id(s): PR-9577

• Improve the naming of the (internal) esock mutex(es). It is now possible to
  configure (as in autoconf) the use of simple names for the esock mutex(es).

  Own Id: OTP-19548
  Related Id(s): OTP-19472

Full runtime dependencies of erts-15.2.4

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.4

Note! The kernel-10.2.4 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.1 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• Behavior for socket:recv/3 has been improved. The behavior has also been
  clarified in the documentation.

  Own Id: OTP-19469
  Related Id(s): #​9172

• An infinite loop in CNAME loop detection that can cause Out Of Memory has been
  fixed. This affected CNAME lookup with the internal DNS resolver.

  Own Id: OTP-19545
  Related Id(s): PR-9587, OTP-19544

Full runtime dependencies of kernel-10.2.4

crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0

mnesia-4.23.5

The mnesia-4.23.5 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change mnesia will merge schema of tables using external backends.

  Own Id: OTP-19437
  Related Id(s): PR-9534

Full runtime dependencies of mnesia-4.23.5

erts-9.0, kernel-5.3, stdlib-5.0

ssh-5.2.9

The ssh-5.2.9 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Reception of malicious KEX init message does not result with ssh daemon
  excessive memory usage.

  Own Id: OTP-19543
  Related Id(s): CVE-2025-30211

• Call to ssh:daemon_replace_options does not crash when argument is not a valid
  daemon ref.

  Own Id: OTP-19559
  Related Id(s): GH-9554, PR-9545

Full runtime dependencies of ssh-5.2.9

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

ssl-11.2.10

Note! The ssl-11.2.10 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Correct handling of unassigned signature algorithms to properly ignore them
  instead of failing the handshake.

  Own Id: OTP-19529
  Related Id(s): GH-9483, PR-9486

• Update key mechanism in CRL cache so that CRL DP with same URI path component
  becomes distinguishable from each other.

  Own Id: OTP-19549
  Related Id(s): GH-8891, PR-9612

Improvements and New Features

• Add callback for NSS keylogging so that it can work as expected for all
  scenarios.

  Own Id: OTP-19391
  Related Id(s): PR-9221

Full runtime dependencies of ssl-11.2.10

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

stdlib-6.2.2

The stdlib-6.2.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed crash when fetching initial_call when user code have modified the
  process_dictionary.

  Own Id: OTP-19546
  Related Id(s): ERIERL-1205, PR-9596

Full runtime dependencies of stdlib-6.2.2

compiler-5.0, crypto-4.5, erts-15.0, kernel-10.0, sasl-3.0

Thanks to

Alexandre Rodrigues, Marc Worrell, Sergei Shuvatov, zmstone

v27.3: OTP 27.3

Compare Source

OTP 27.3

Erlang/OTP 27.3 is the third maintenance patch package for OTP 27, with mostly bug fixes as well as improvements.

For details about bugfixes and potential incompatibilities see the Erlang 27.3 README

The Erlang/OTP source can also be found at GitHub on the official Erlang repository,
https://github.com/erlang/otp

Download links for this and previous versions are found here:

• https://www.erlang.org/downloads

v27.2.4: OTP 27.2.4

Compare Source

Patch Package:           OTP 27.2.4
Git Tag:                 OTP-27.2.4
Date:                    2025-02-20
Trouble Report Id:       OTP-19438, OTP-19466
Seq num:                 CVE-2025-26618, ERIERL-1173, ERIERL-1180
System:                  OTP
Release:                 27
Application:             snmp-5.18.1, ssh-5.2.7
Predecessor:             OTP 27.2.3

Check out the git tag OTP-27.2.4, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

snmp-5.18.1

The snmp-5.18.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• SNMP Agent transports type (intAgentTransports) was incorrectly not documented
  as a list of transports. Also add a couple of config file generation examples.

  Own Id: OTP-19438
  Related Id(s): ERIERL-1180

Full runtime dependencies of snmp-5.18.1

crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14,
stdlib-5.0

ssh-5.2.7

The ssh-5.2.7 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• SFTP packets exceeding max packet size are not processed and dropped.

  Own Id: OTP-19466
  Related Id(s): ERIERL-1173, CVE-2025-26618

Full runtime dependencies of ssh-5.2.7

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

v27.2.3: OTP 27.2.3

Compare Source

Patch Package:           OTP 27.2.3
Git Tag:                 OTP-27.2.3
Date:                    2025-02-17
Trouble Report Id:       OTP-19457, OTP-19467, OTP-19486
Seq num:                 ERIERL-1189, ERIERL-1190, PR-9387, PR-9408,
                         PR-9418
System:                  OTP
Release:                 27
Application:             inets-9.3.2, ssl-11.2.8
Predecessor:             OTP 27.2.2

Check out the git tag OTP-27.2.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

inets-9.3.2

The inets-9.3.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Improved robustness of httpd startup procedure.

  Own Id: OTP-19486
  Related Id(s): ERIERL-1190, PR-9408

Full runtime dependencies of inets-9.3.2

erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14,
ssl-9.0, stdlib-5.0, stdlib-6.0

ssl-11.2.8

Note! The ssl-11.2.8 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Setting protocol version to a lower value then supported by default in server
  API function called after ssl:listen/2 could result in wrong default values
  being used and connections failing with insufficient security.

  Own Id: OTP-19457
  Related Id(s): PR-9418

• Improve error handling of server name indication fun. This implies that if the
  sni_fun returns undefined we will attempt connection with original option
  values, if it returns unrecognized we end the connection with
  UNRECOGNIZED_NAME alert and if provided options fail option verification we
  will end the connection with a HANDSHAKE_FAILURE and an error log.

  Own Id: OTP-19467
  Related Id(s): ERIERL-1189, PR-9387

Full runtime dependencies of ssl-11.2.8

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

v27.2.2: OTP 27.2.2

Compare Source

Patch Package:           OTP 27.2.2
Git Tag:                 OTP-27.2.2
Date:                    2025-02-06
Trouble Report Id:       OTP-19240, OTP-19381, OTP-19411, OTP-19445,
                         OTP-19455, OTP-19462
Seq num:                 ERIERL-1174, ERIERL-1177, GH-9112, GH-9117,
                         GH-9177, GH-9208, PR-9273, PR-9286, PR-9322,
                         PR-9356, PR-9372, PR-9377
System:                  OTP
Release:                 27
Application:             compiler-8.5.5, erts-15.2.2, kernel-10.2.2,
                         public_key-1.17.1, ssl-11.2.7
Predecessor:             OTP 27.2.1

Check out the git tag OTP-27.2.2, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

compiler-8.5.5

The compiler-8.5.5 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Eliminated a bug in the alias analysis pass that could potentially cause
  unsafe optimizations of binary construction or record updates.

  Own Id: OTP-19455
  Related Id(s): PR-9356

Full runtime dependencies of compiler-8.5.5

crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0

erts-15.2.2

The erts-15.2.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Disabled an unsafe runtime optimization in binary construction that caused
  silent memory corruption.

  Own Id: OTP-19462
  Related Id(s): ERIERL-1177, PR-9372

Full runtime dependencies of erts-15.2.2

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.2

Note! The kernel-10.2.2 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.1 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• Fixed a couple of bugs that could make global's internal state inconsistent
  when a connection was reconnected.

  Own Id: OTP-19381
  Related Id(s): GH-9112, GH-9117, PR-9377

Full runtime dependencies of kernel-10.2.2

crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0

public_key-1.17.1

The public_key-1.17.1 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Consider keyCertSign to compatible with extended key usage for TLS
  client/server auth in CAs, adhere to wide spread implementations

  Own Id: OTP-19240
  Related Id(s): GH-9208, PR-9286

Full runtime dependencies of public_key-1.17.1

asn1-5.0, crypto-5.0, erts-13.0, kernel-8.0, stdlib-4.0

ssl-11.2.7

Note! The ssl-11.2.7 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• An initiated handshake should always be closed with an alert, some corner
  cases have been fixed so that this should always be the case.

  Own Id: OTP-19411
  Related Id(s): ERIERL-1174, PR-9273

• Correct option handling to work properly for paused handshaking. Could result
  in unwanted alerts or or error messages.

  Own Id: OTP-19445
  Related Id(s): GH-9177, PR-9322

Full runtime dependencies of ssl-11.2.7

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

Thanks to

Frej Drejhammar

v27.2.1: OTP 27.2.1

Compare Source

Patch Package:           OTP 27.2.1
Git Tag:                 OTP-27.2.1
Date:                    2025-01-23
Trouble Report Id:       OTP-19385, OTP-19388, OTP-19392, OTP-19407,
                         OTP-19418, OTP-19435, OTP-19439, OTP-19444,
                         OTP-19446
Seq num:                 ERIERL-1165, ERIERL-1166, ERIERL-1179,
                         ERIERL-1183, GH-9065, GH-9163, GH-9211,
                         GH-9237, PR-9139, PR-9155, PR-9156, PR-9161,
                         PR-9234, PR-9274, PR-9309, PR-9314, PR-9318,
                         PR-9327
System:                  OTP
Release:                 27
Application:             common_test-1.27.6, dialyzer-5.3.1,
                         erts-15.2.1, kernel-10.2.1, ssh-5.2.6,
                         tftp-1.2.2
Predecessor:             OTP 27.2

Check out the git tag OTP-27.2.1, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

common_test-1.27.6

The common_test-1.27.6 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Common test will now not crash when running tests with otp26 and earlier,
  while having previous test resuts from otp27.

  Own Id: OTP-19385
  Related Id(s): ERIERL-1166, PR-9155, PR-9156

Full runtime dependencies of common_test-1.27.6

compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8

dialyzer-5.3.1

The dialyzer-5.3.1 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed a crash caused by the use of opaque types.

  Own Id: OTP-19439
  Related Id(s): ERIERL-1183, PR-9314

Full runtime dependencies of dialyzer-5.3.1

compiler-8.0, erts-12.0, kernel-8.0, stdlib-5.0, syntax_tools-2.0

erts-15.2.1

The erts-15.2.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed configure tests for GCC 14

  Own Id: OTP-19407
  Related Id(s): GH-9211, PR-9234

• Fix bug where log printouts would go missing when application_controller is
  stopping while log messages are being sent.

  This bug was introduced by OTP-19078 in Erlang/OTP 26.2.5.

  Own Id: OTP-19418
  Related Id(s): GH-9163, PR-9274

Full runtime dependencies of erts-15.2.1

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.1

Note! The kernel-10.2.1 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.1 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• Fix the default group_leader to reply {error,request} on invalid I/O
  requests instead of crashing.

  This bug was introduced in Erlang/OTP 27.2.

  Own Id: OTP-19444
  Related Id(s): GH-9237, PR-9318

Full runtime dependencies of kernel-10.2.1

crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0

ssh-5.2.6

The ssh-5.2.6 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, type specs for ssh:connection_info/1,2 functions are fixed
  so they include {error, term()} return value.

  Own Id: OTP-19388
  Related Id(s): ERIERL-1165, PR-9161

• With this change, ssh client accepts a banner sent during processing keyboard
  interactive user authentication.

  Own Id: OTP-19392
  Related Id(s): GH-9065, PR-9139

• With this change, large sftp transfers does not hang. Redundant window
  adjustment are not requested.

  Own Id: OTP-19435
  Related Id(s): PR-9309

Full runtime dependencies of ssh-5.2.6

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

tftp-1.2.2

The tftp-1.2.2 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fix specs in tftp:read_file function.

  Own Id: OTP-19446
  Related Id(s): ERIERL-1179, PR-9327

Full runtime dependencies of tftp-1.2.2

erts-6.0, kernel-6.0, stdlib-5.0

Thanks to

Alexandre Rodrigues, Luke Bakken

v27.2: OTP 27.2

Compare Source

OTP 27.2

Erlang/OTP 27.2 is the second maintenance patch package for OTP 27, with mostly bug fixes as well as improvements.

Potential incompatibilities:

• The HTTP client now correctly takes into account the full_result request option
  when returning an asynchronous request.

For details about bugfixes and potential incompatibilities see the Erlang 27.2 README

The Erlang/OTP source can also be found at GitHub on the official Erlang repository, https://github.com/erlang/otp

Download links for this and previous versions are found here

• https://www.erlang.org/downloads

v27.1.3: OTP 27.1.3

Compare Source

Patch Package:           OTP 27.1.3
Git Tag:                 OTP-27.1.3
Date:                    2024-12-05
Trouble Report Id:       OTP-19240, OTP-19293, OTP-19311, OTP-19325,
                         OTP-19326, OTP-19328, OTP-19332, OTP-19340,
                         OTP-19350, OTP-19352, OTP-19357, OTP-19365,
                         OTP-19366, OTP-19374
Seq num:                 #​8989, CVE-2024-53846, ERIERL-1134,
                         ERIERL-1139, ERIERL-1147, ERIERL-1157,
                         GH-8929, GH-9009, GH-9014, GH-9100,
                         OTP-19061, OTP-19240, OTP-19532, PR-8840,
                         PR-8924, PR-8931, PR-8980, PR-8995, PR-9001,
                         PR-9024, PR-9053, PR-9080, PR-9111, PR-9130
System:                  OTP
Release:                 27
Application:             common_test-1.27.4, compiler-8.5.3,
                         erts-15.1.3, kernel-10.1.2,
                         public_key-1.16.4, ssh-5.2.4, ssl-11.2.5
Predecessor:             OTP 27.1.2

Check out the git tag OTP-27.1.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

common_test-1.27.4

The common_test-1.27.4 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, cth_surefire hook module handles group path reduction for a
  skipped group. This fixes a bug manifesting with improper group path for a
  group executed after a group which was skipped.

  Own Id: OTP-19365
  Related Id(s): ERIERL-1157, PR-9080

Improvements and New Features

• With this change, prefix option can be specified in cth_conn_log option list.
  Option allows to specify how much of additional information is added in raw
  log output.

  Own Id: OTP-19293
  Related Id(s): ERIERL-1139, PR-8924, PR-8931

Full runtime dependencies of common_test-1.27.4

compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8

compiler-8.5.3

The compiler-8.5.3 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• In rare circumstances, the destructive tuple update optimization could be
  applied when it was unsafe.

  Own Id: OTP-19340
  Related Id(s): GH-9014, PR-9024

• In rare circumstances involving appending to multiple binaries, the compile
  could emit unsafe code that would crash the runtime system.

  Own Id: OTP-19374
  Related Id(s): GH-9100, PR-9111

Full runtime dependencies of compiler-8.5.3

crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0

erts-15.1.3

The erts-15.1.3 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• gen_udp:send on domain local can leak inet_reply messages.

  Own Id: OTP-19332
  Related Id(s): #​8989

• net:getifaddrs does not properly report the running flag on windows.

  Own Id: OTP-19366
  Related Id(s): ERIERL-1134, OTP-19061

Full runtime dependencies of erts-15.1.3

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.1.2

Note! The kernel-10.1.2 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.1 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• On windows the socket:recv could return with success ({ok, Data}) even though
  not all data had been read.

  Own Id: OTP-19328

• gen_udp:send on domain local can leak inet_reply messages.

  Own Id: OTP-19332
  Related Id(s): #​8989

• Failure to create an UDP IPv6 socket when inet_backend = socket with certain
  IPv6 socket options.

  Own Id: OTP-19357

• net:getifaddrs does not properly report the running flag on windows.

  Own Id: OTP-19366
  Related Id(s): ERIERL-1134, OTP-19061

Full runtime dependencies of kernel-10.1.2

crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0

public_key-1.16.4

The public_key-1.16.4 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• If both ext-key-usage and key-usage are defined for a certificate it
  should be checked that these usages are consistent with each other. This will
  have the affect that such certificates where the ext-key-usages is marked as
  critical and the usages is consistent with the key-use it can be considered
  valid without mandatory application specific checks for the ext-key-useage
  extension.

  Own Id: OTP-19240
  Related Id(s): PR-8840, OTP-19532

• Handle decoding of EDDSA key properly, when decoding a PEM file that contains
  only the public EDDSA key.

  Own Id: OTP-19350
  Related Id(s): GH-9009, PR-9053

Full runtime dependencies of public_key-1.16.4

asn1-3.0, crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5

ssh-5.2.4

The ssh-5.2.4 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, ssh connection does not crash upon receiving exit-signal
  message for an already terminated channel.

  Own Id: OTP-19326
  Related Id(s): GH-8929, PR-8995

Full runtime dependencies of ssh-5.2.4

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

ssl-11.2.5

Note! The ssl-11.2.5 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Avoid generating an internal alert for case that should have been an orderly
  shutdown by the supervisor.

  Own Id: OTP-19311
  Related Id(s): PR-8980

• If present, extended key-usage TLS (SSL) role check (pk-clientAuth,
  pk-serverAuth) should always be performed for peer-cert. An intermediate CA
  cert may relax the requirement if AnyExtendedKeyUsage purpose is present.

  In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these requirements became too relaxed.
  There where two problems, firstly the peer cert extension was only checked if
  it was marked critical, and secondly the CA cert check did not assert the
  relaxed AnyExtendedKeyUsage purpose.

  This could result in that certificates might be misused for purposes not
  intended by the certificate authority.

  Thanks to Bryan Paxton for reporting the issue.

  Own Id: OTP-19352
  Related Id(s): PR-9130, CVE-2024-53846, OTP-19240

Improvements and New Features

• Back port certificate_authorities option for TLS-1.3 servers to pre TLS-1.3
  servers to enable them to disable the sending of certificate authorities in
  their certificate request. This will have same affect as the the TLS-1.3
  server option although it is handled by a different mechanism in these
  versions, where the functionality is described to be more of a guidance,
  although some pre TLS clients have proven to make it mandatory as in TLS-1.3
  extension handling.

  Own Id: OTP-19325
  Related Id(s): ERIERL-1147, PR-9001

Full runtime dependencies of ssl-11.2.5

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

Thanks to

Frej Drejhammar, zmstone

v27.1.2: OTP 27.1.2

Compare Source

Patch Package:           OTP 27.1.2
Git Tag:                 OTP-27.1.2
Date:                    2024-10-17
Trouble Report Id:       OTP-19124, OTP-19235, OTP-19246, OTP-19247,
                         OTP-19249, OTP-19258, OTP-19265, OTP-19266,
                         OTP-19267, OTP-19268, OTP-19269, OTP-19274,
                         OTP-19286, OTP-19288
Seq num:                 ERIERL-1127, ERIERL-1133, ERIERL-1134,
                         ERIERL-1137, ERIERL-1138, GH-6455, GH-7550,
                         GH-8223, GH-8835, GH-8875, GH-8880, GH-8908,
                         OTP-18520, OTP-19061, PR-8226, PR-8766,
                         PR-8837, PR-8854, PR-8866, PR-8876, PR-8890,
                         PR-8892, PR-8895, PR-8897, PR-8901, PR-8914,
                         PR-8916
System:                  OTP
Release:                 27
Application:             common_test-1.27.3, erts-15.1.2,
                         kernel-10.1.1, ssh-5.2.3, ssl-11.2.4,
                         stdlib-6.1.2
Predecessor:             OTP 27.1.1

Check out the git tag OTP-27.1.2, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

common_test-1.27.3

The common_test-1.27.3 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, jquery and tablesorter licenses are added to COPYRIGHT file.
  Also tablesorter is updated to version 2.32.

  Own Id: OTP-19265
  Related Id(s): PR-8876

Full runtime dependencies of common_test-1.27.3

compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8

erts-15.1.2

The erts-15.1.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• A bug has been fixed where receiving an SCTP message with gen_sctp could
  waste the first fragments of a message and only deliver the last fragment.

  This happened with low probability when the OS signaled that the socket was
  ready for reading in combination with an internal time-out retry.

  A bug has been fixed with a lingering time-out from after an SCTP connect that
  could stop the flow of incoming messages on an active gen_tcp socket.

  Own Id: OTP-19235
  Related Id(s): ERIERL-1133, PR-8837

• An boolean option non_block_send for SCTP, has ben added to be able to
  achieve the old behaviour to avoid blocking send operations by passing the OS
  network stack error message ({error,eagain} through.

  Own Id: OTP-19258
  Related Id(s): ERIERL-1134, OTP-19061

• The call gen_tcp:send/2 could hang indefinitely despite having set the
  send_timeout option for the following unfortunate combination of
  circumstances:

  • The socket has to be in passive mode.
  • All output buffers had to be filled util the high_watermark was hit,
    causing the gen_tcp:send/2 operation to block.
  • While the send operation was blocked, a gen_tcp:recv/2,3 call had to be
    done from a different process. It had to block, waiting for data for a while
    before completing the operation, and the received packet had to fill at
    least 75% of the receive buffer.

  Under these circumstances he information that a send operation was waiting got
  lost, so the send operation that blocked in the first placed would never
  return. The data it had would be sent, though, and send operations from other
  processes, still work.

  This bug has been fixed.

  Own Id: OTP-19267
  Related Id(s): ERIERL-1138, GH-6455, PR-8892, OTP-18520

• In rare circumstances, in code that matches multiple tuples, the JIT could
  generate code that would raise a badmatch exception even if the given tuples
  were correct.

  Own Id: OTP-19268
  Related Id(s): GH-8875, PR-8895

• Fixed beam crash that could happen if resetting call_time or call_memory
  trace counters of a function while it is called. Bug exists since OTP R16.

  Own Id: OTP-19269
  Related Id(s): GH-8835, PR-8897

Full runtime dependencies of erts-15.1.2

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.1.1

Note! The kernel-10.1.1 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.1 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• A bug has been fixed where receiving an SCTP message with gen_sctp could
  waste the first fragments of a message and only deliver the last fragment.

  This happened with low probability when the OS signaled that the socket was
  ready for reading in combination with an internal time-out retry.

  A bug has been fixed with a lingering time-out from after an SCTP connect that
  could stop the flow of incoming messages on an active gen_tcp socket.

  Own Id: OTP-19235
  Related Id(s): ERIERL-1133, PR-8837

• An boolean option non_block_send for SCTP, has ben added to be able to
  achieve the old behaviour to avoid blocking send operations by passing the OS
  network stack error message ({error,eagain} through.

  Own Id: OTP-19258
  Related Id(s): ERIERL-1134, OTP-19061

Full runtime dependencies of kernel-10.1.1

crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0

ssh-5.2.3

The ssh-5.2.3 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, a race condition is removed from ssh client connection setup
  procedure.

  Own Id: OTP-19124
  Related Id(s): GH-7550, PR-8766

• With this change, ssh:connect is not affected by presence of EXIT message in
  queue.

  Own Id: OTP-19246
  Related Id(s): GH-8223, PR-8854

• With this change, ssh appends {active, false} option after socket options
  received from user - so that false value is always used.

  Own Id: OTP-19247
  Related Id(s): PR-8226

Full runtime dependencies of ssh-5.2.3

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

ssl-11.2.4

Note! The ssl-11.2.4 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.2 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• Refactor trying to also make some optimizations introduced a bug in signature
  algorithms checks in OTP-26.2.1. This could manifest itself in not being able
  to negotiate connections using certificates needing to use some TLS-1.2
  compatibility legacy signature schemes.

  Own Id: OTP-19249
  Related Id(s): ERIERL-1137, PR-8866

• Correct timeout handling for termination code run for own alerts, so that
  intended timeout is used instead of falling back to OS TCP-stack timeout that
  is unreasonably long on some platforms.

  Own Id: OTP-19274
  Related Id(s): PR-8901

• Fix assertion so that works as intended. This could result in that some
  TLS-1.2 clients would fail to connect to the the erlang server. Bug introduced
  in OTP-27.1.1

  Own Id: OTP-19288
  Related Id(s): GH-8908, PR-8916

Full runtime dependencies of ssl-11.2.4

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.2,
runtime_tools-1.15.1, stdlib-6.0

stdlib-6.1.2

The stdlib-6.1.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, uri_string:normalize assumes empty path (do not crash) when
  no path is provided in the URI map.

  Own Id: OTP-19266
  Related Id(s): ERIERL-1127, PR-8890

• Fixed spec for json:format/3.

  Own Id: OTP-19286
  Related Id(s): GH-8880, PR-8914

Full runtime dependencies of stdlib-6.1.2

compiler-5.0, crypto-4.5, erts-15.0, kernel-10.0, sasl-3.0

Thanks to

Jakub Witczak

v27.1.1: OTP 27.1.1

Compare Source

Patch Package:           OTP 27.1.1
Git Tag:                 OTP-27.1.1
Date:                    2024-09-30
Trouble Report Id:       OTP-19227, OTP-19236, OTP-19238, OTP-19241,
                         OTP-19245, OTP-19251, OTP-19252, OTP-19254,
                         OTP-19256, OTP-19257
Seq num:                 #​8848, #​8853, ERIERL-1130, GH-8832, PR-8261,
                         PR-8780, PR-8809, PR-8836, PR-8858
System:                  OTP
Release:                 27
Application:             common_test-1.27.2, erts-15.1.1,
                         public_key-1.16.3, ssl-11.2.3, stdlib-6.1.1
Predecessor:             OTP 27.1

Check out the git tag OTP-27.1.1, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

common_test-1.27.2

The common_test-1.27.2 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change, HTML reports include jQuery version 3.7.1.

  Own Id: OTP-19252
  Related Id(s): PR-8858

Full runtime dependencies of common_test-1.27.2

compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8

erts-15.1.1

The erts-15.1.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• On Windows, successive failed socket calls caused socket to become
  "uninitialized".

  Own Id: OTP-19251
  Related Id(s): #​8853

• The socket framework fails to start on a IPv6-only Windows machine.

  Own Id: OTP-19254
  Related Id(s): #​8848

Full runtime dependencies of erts-15.1.1

kernel-9.0, sasl-3.3, stdlib-4.1

public_key-1.16.3

The public_key-1.16.3 application can be applied independently of other
applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Introduction of verify_fun/4 unfortunately introduced an argument switch for
  some specific path validation errors so that verify_fun/3 could under these
  circumstances be called with a DER cert instead of a decod cert, also in this
  situation the verify_fun/4 would have the certificates in reverse order.

  Own Id: OTP-19245
  Related Id(s): GH-8832

Improvements and New Features

• Do not hide crypto badarg reason, this error handling enhancement facilitates
  debugging. These kind of runtime errors are not documented and should never be
  relied on for matching, they are intended for catching input errors early.

  Own Id: OTP-19238

Full runtime dependencies of public_key-1.16.3

asn1-3.0, crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5

ssl-11.2.3

Note! The ssl-11.2.3 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.2 (first satisfied in OTP 27.1)

Fixed Bugs and Malfunctions

• Starting from TLS-1.3 some server handshake alerts might arrive after
  ssl:connection/2,3,4 has returned. If the socket is in active mode the
  controlling process will get the alert message, but passive sockets would only
  get {error, closed} on next call to ssl:recv/2,3 or ssl/setopts/2. Passive
  sockets calls will now return {error, error_alert()} instead.

  Own Id: OTP-19236
  Related Id(s): PR-8261

• Servers configured to support only version (pre TLS-1.2) should ignore hello
  version extension, as it is an unknown extension to them, this will result in
  that new clients that do not support the old server version will get an
  insufficient security alert from the server and not a protocol version alert,
  this is consistent with how old servers not able to support higher protocol
  versions work.

  Own Id: OTP-19257

Full runtime dependencies of ssl-11.2.3

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.2,
runtime_tools-1.15.1, stdlib-6.0

stdlib-6.1.1

The stdlib-6.1.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Remove whitespace stripping of returned binaries in json:decode/3.

  Own Id: OTP-19227
  Related Id(s): ERIERL-1130, PR-8809

• Fix zip:unzip/2 to not crash when extracting zip files with garbage in the
  Zip64 extra header. This bug was introduced in Erlang 27.1 and has so far only
  been seen on some archives creates by MS Excel.

  Own Id: OTP-19241
  Related Id(s): PR-8836

• With this change, shutdown procedure handles a race condition between
  supervisor executing a shutdown and child process termination from other
  reason.

  Own Id: OTP-19256
  Related Id(s): PR-8780

Full runtime dependencies of stdlib-6.1.1

compiler-5.0, crypto-4.5, erts-15.0, kernel-10.0, sasl-3.0

Thanks to

Jakub Witczak

v27.1: OTP 27.1

Compare Source

Patch Package:           OTP 27.1
Git Tag:                 OTP-27.1
Date:                    2024-09-18
Trouble Report Id:       OTP-17848, OTP-19032, OTP-19097, OTP-19098,
                         OTP-19101, OTP-19102, OTP-19103, OTP-19104,
                         OTP-19105, OTP-19110, OTP-19112, OTP-19113,
                         OTP-19114, OTP-19119, OTP-19122, OTP-19126,
                         OTP-19128, OTP-19129, OTP-19130, OTP-19132,
                         OTP-19133, OTP-19134, OTP-19136, OTP-19138,
                         OTP-19139, OTP-19143, OTP-19145, OTP-19146,
                         OTP-19148, OTP-19153, OTP-19154, OTP-19157,
                         OTP-19163, OTP-19164, OTP-19166, OTP-19167,
                         OTP-19168, OTP-19169, OTP-19170, OTP-19171,
                         OTP-19172, OTP-19173, OTP-19175, OTP-19176,
                         OTP-19178, OTP-19179, OTP-19181, OTP-19182,
                         OTP-19183, OTP-19186, OTP-19187, OTP-19188,
                         OTP-19189, OTP-19190, OTP-19191, OTP-19192,
                         OTP-19193, OTP-19197, OTP-19199, OTP-19200,
                         OTP-19201, OTP-19202, OTP-19203, OTP-19205,
                         OTP-19206, OTP-19208, OTP-19209, OTP-19210,
                         OTP-19211, OTP-19212, OTP-19214, OTP-19215,
                         OTP-19216, OTP-19217, OTP-19218, OTP-19219,
                         OTP-19220, OTP-19222
Seq num:                 #​8399, ERIERL-1102, ERIERL-1104, ERIERL-870,
                         GH-4362, GH-7621, GH-7746, GH-8378, GH-8454,
                         GH-8472, GH-8477, GH-8486, GH-8498, GH-8561,
                         GH-8562, GH-8568, GH-8604, GH-8605, GH-8613,
                         GH-8630, GH-8656, GH-8657, GH-8661, GH-8690,
                         GH-8715, GH-8738, GH-8748, GH-8779, GH-8785,
                         OTP-18671, OTP-18835, OTP-19101, OTP-19175,
                         PR-7226, PR-7419, PR-7919, PR-8261, PR-8310,
                         PR-8472, PR

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.