Information on source package erlang

Available versions

ReleaseVersion
jessie1:17.3-dfsg-4+deb8u2
stretch1:19.2.1+dfsg-2+deb9u3
stretch (lts)1:19.2.1+dfsg-2+deb9u1
buster1:21.2.6+dfsg-1
bullseye1:23.2.6+dfsg-1
bookworm1:24.3.4.1+dfsg-1
sid1:24.3.4.5+dfsg-1

Open issues

BugjessiestretchbusterbullseyebookwormsidDescription
CVE-2020-12872vulnerable (no DSA)fixedfixedfixedfixedfixedyaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormsidDescription
CVE-2016-1000107vulnerablevulnerablevulnerablevulnerablevulnerablevulnerableinets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ...
CVE-2009-0130vulnerablevulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not proper ...

Resolved issues

BugDescription
CVE-2021-29221A local privilege escalation vulnerability was discovered in Erlang/OT ...
CVE-2020-35733An issue was discovered in Erlang/OTP before 23.2.2. The ssl applicati ...
CVE-2020-25733webTareas through 2.1 allows upload of the dangerous .exe and .shtml f ...
CVE-2020-25623Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ...
CVE-2017-1000385The Erlang otp TLS server answers with different TLS alerts to differe ...
CVE-2016-10253An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ...
CVE-2015-2774Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes w ...
CVE-2014-3566The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...
CVE-2014-1693Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OT ...
CVE-2011-3389The SSL protocol, as used in certain configurations in Microsoft Windo ...
CVE-2011-0766The random number generator in the Crypto application before 2.0.2.2, ...

Security announcements

DSA / DLADescription
DLA-1207-1erlang - security update
DSA-4057-1erlang - security update

Search for package or bug name: Reporting problems