Package: erlang / 1:17.3-dfsg-4+deb8u2

Metadata

Package Version Patches format
erlang 1:17.3-dfsg-4+deb8u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
clean.patch | (download)

Makefile.in | 207 207 + 0 - 0 !
1 file changed, 207 insertions(+)

---
rpath.patch | (download)

erts/configure.in | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 a quick hack which removes rpath from crypto and ssl applications binaries to
 satisfy Debian policy.
gnu.patch | (download)

erts/configure.in | 4 2 + 2 - 0 !
erts/emulator/drivers/common/inet_drv.c | 5 5 + 0 - 0 !
erts/etc/common/erlexec.c | 4 2 + 2 - 0 !
erts/etc/common/escript.c | 2 1 + 1 - 0 !
erts/etc/unix/dyn_erl.c | 16 8 + 8 - 0 !
lib/os_mon/c_src/memsup.c | 5 5 + 0 - 0 !
6 files changed, 23 insertions(+), 13 deletions(-)

---
sparc.patch | (download)

erts/configure.in | 2 1 + 1 - 0 !
erts/emulator/beam/beam_emu.c | 11 0 + 11 - 0 !
2 files changed, 1 insertion(+), 12 deletions(-)

---
man.patch | (download)

erts/etc/common/erlexec.c | 6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-)

---
emacs.patch | (download)

lib/tools/emacs/erlang.el | 23 11 + 12 - 0 !
1 file changed, 11 insertions(+), 12 deletions(-)

---
docs.patch | (download)

lib/erl_docgen/priv/xsl/db_man.xsl | 4 2 + 2 - 0 !
lib/megaco/doc/src/Makefile | 2 0 + 2 - 0 !
lib/stdlib/doc/src/re.xml | 6 3 + 3 - 0 !
lib/tools/Makefile | 2 1 + 1 - 0 !
system/doc/top/Makefile | 2 1 + 1 - 0 !
5 files changed, 7 insertions(+), 9 deletions(-)

 fixes a bug with .re macro in the erlang manpages
 and a few bugs with docs installation.
Last-modified: Thu, 09 Dec 2010 10:45:56 +0300


java.patch | (download)

erts/configure.in | 3 2 + 1 - 0 !
lib/test_server/src/configure.in | 3 2 + 1 - 0 !
2 files changed, 4 insertions(+), 2 deletions(-)

 gcj 4.4 passes the test for jdk 1.5 but doesn't implement
 String#String(int[], int, int) constructor, which breaks jinterface
 build. This patch adds a check for the definition of this constructor.
 It helps to build Erlang on architectures without openjdk-6 available.
hppa.patch | (download)

erts/configure.in | 8 8 + 0 - 0 !
1 file changed, 8 insertions(+)

 the patch adds a temporary workaround for a bug in kernel and
 glibc for hppa architecture where vfork()+exec() fail (see thread
 http://lists.debian.org/debian-hppa/2009/12/msg00035.html for details)
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562218
javascript.patch | (download)

lib/common_test/priv/Makefile.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
ssl.patch | (download)

lib/ssl/src/ssl_handshake.erl | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
wx3.0 constants.patch | (download)

lib/wx/include/wx.hrl | 442 221 + 221 - 0 !
1 file changed, 221 insertions(+), 221 deletions(-)

 fix constants for wxwidgets3.0
 The values of wx constants can change between stable release series (and
 some have between 2.8 and 3.0), but erlang seems to hardcode these values.
sslv3disable.patch | (download)

lib/ssl/doc/src/ssl.xml | 2 1 + 1 - 0 !
lib/ssl/doc/src/ssl_app.xml | 7 5 + 2 - 0 !
lib/ssl/src/ssl_internal.hrl | 4 2 + 2 - 0 !
lib/ssl/src/ssl_record.hrl | 1 1 + 0 - 0 !
lib/ssl/src/tls_record.erl | 10 8 + 2 - 0 !
5 files changed, 17 insertions(+), 7 deletions(-)

 patch removes support for sslv3 protocol because it is proved to
 be insecure and nobody should use it anymore.
Author Sergei Golovan
Bug-Debian: https://bugs.debian.org/771359
ssltlspoodle.patch | (download)

lib/ssl/doc/src/ssl.xml | 20 16 + 4 - 0 !
lib/ssl/src/dtls_record.erl | 4 2 + 2 - 0 !
lib/ssl/src/ssl.erl | 9 6 + 3 - 0 !
lib/ssl/src/ssl_cipher.erl | 48 25 + 23 - 0 !
lib/ssl/src/ssl_internal.hrl | 5 3 + 2 - 0 !
lib/ssl/src/ssl_record.erl | 11 6 + 5 - 0 !
lib/ssl/src/tls_connection.erl | 7 4 + 3 - 0 !
lib/ssl/src/tls_record.erl | 22 12 + 10 - 0 !
lib/ssl/test/ssl_cipher_SUITE.erl | 188 109 + 79 - 0 !
9 files changed, 183 insertions(+), 131 deletions(-)

 [patch] ssl: reenable padding check for tls-1.0 and provide
 backwards compatible disable option
Last-Modified: Tue, 13 Jan 2015 15:16:20 +0100
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781839


beamload.patch | (download)

erts/emulator/beam/beam_load.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 patch fixes function declaration.
Bugs-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747593


cve 2016 10253.patch | (download)

erts/emulator/pcre/pcre_compile.c | 36 28 + 8 - 0 !
1 file changed, 28 insertions(+), 8 deletions(-)

 a fix for cve-2016-10253 which is the heap overflow during
 a regular expression compile phase. The offending regexp could be
 "(?<=((?2))((?1)))".
 The patch was found at https://github.com/erlang/otp/pull/1108 and
 the original version from https://vcs.pcre.org/pcre?view=revision&revision=1542
 and https://vcs.pcre.org/pcre?view=revision&revision=1560 and
 https://vcs.pcre.org/pcre?view=revision&revision=1571
 has been adapted.
Last-Modified: Wed, 22 Mar 2017 15:35:07 +0300
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858313
Bug-Upstream: https://bugs.erlang.org/browse/ERL-208


cve 2017 1000385.patch | (download)

lib/ssl/src/dtls_connection.erl | 1 1 + 0 - 0 !
lib/ssl/src/ssl_connection.erl | 21 19 + 2 - 0 !
lib/ssl/src/ssl_connection.hrl | 3 2 + 1 - 0 !
lib/ssl/src/tls_connection.erl | 1 1 + 0 - 0 !
4 files changed, 23 insertions(+), 3 deletions(-)

 [patch] ssl: countermeasurements for bleichenbacher attack