Information on source package erlang

Available versions

ReleaseVersion
jessie1:17.3-dfsg-4+deb8u2
stretch1:19.2.1+dfsg-2+really23.3.4.18-0+deb9u2
stretch (security)1:19.2.1+dfsg-2+deb9u1
buster1:21.2.6+dfsg-1
buster (security)1:22.2.7+dfsg-1+deb10u1
bullseye1:23.2.6+dfsg-1+deb11u1
bookworm1:25.2.3+dfsg-1
trixie1:25.3.2.8+dfsg-1
sid1:25.3.2.10+dfsg-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-48795vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe SSH transport protocol with certain OpenSSH extensions, found in O ...
CVE-2022-37026vulnerablefixedfixedfixedfixedfixedfixedIn Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before ...
CVE-2020-12872vulnerable (no DSA)fixedfixedfixedfixedfixedfixedyaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2016-1000107vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableinets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ...
CVE-2009-0130vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerablelib/crypto/c_src/crypto_drv.c in erlang does not properly check the re ...

Resolved issues

BugDescription
CVE-2021-29221A local privilege escalation vulnerability was discovered in Erlang/OT ...
CVE-2020-35733An issue was discovered in Erlang/OTP before 23.2.2. The ssl applicati ...
CVE-2020-25733webTareas through 2.1 allows upload of the dangerous .exe and .shtml f ...
CVE-2020-25623Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ...
CVE-2017-1000385The Erlang otp TLS server answers with different TLS alerts to differe ...
CVE-2016-10253An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ...
CVE-2015-2774Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes w ...
CVE-2014-3566The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...
CVE-2014-1693Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OT ...
CVE-2011-3389The SSL protocol, as used in certain configurations in Microsoft Windo ...
CVE-2011-0766The random number generator in the Crypto application before 2.0.2.2, ...

Security announcements

DSA / DLADescription
DLA-3491-1erlang - security update
ELA-754-1erlang - security update
DLA-1207-1erlang - security update
DSA-4057-1erlang - security update

Search for package or bug name: Reporting problems