Patch Package:           OTP 27.3.4.10
Git Tag:                 OTP-27.3.4.10
Date:                    2026-04-07
Trouble Report Id:       OTP-19506, OTP-19889, OTP-19931, OTP-20027,
                         OTP-20037, O…

Erlang Forums is a community-driven platform for discussions related to the Erlang programming language, the Erlang virtual machine (BEAM), and related technologies such as OTP (Open Telecom Platform) and distributed systems. With dedicated forums covering topics like Erlang syntax, OTP frameworks, concurrency primitives, and fault-tolerant design patterns, Erlang Forums offers a resources for Erlang developers and enthusiasts to ask questions, share insights, and collaborate on Erlang-based projects. Whether you're a seasoned Erlang developer or a newcomer exploring functional programming, Erlang Forums provides a supportive community to help you learn and grow in your journey with Erlang.

Erlang Forums

Erlang/OTP 27.3.4.10 patch release fixes multiple bugs and two CVEs across eight applications. Key security fixes include: DNS cache poisoning mitigation in inet_res via strong random transaction IDs and source port randomization (CVE-2026-28810); OCSP stapling now enforces hard-fail when no staple is provided (CVE-2026-32144, a potential incompatibility); and OCSP designated responder certificate verification now checks the CA's cryptographic signature. Other fixes cover a JIT miscompilation bug in erts, an authentication bypass in inets httpd (CVE-2026-28808), a crypto crash after ~2 billion mac_init calls, compiler type inference errors, and a Windows path-with-spaces issue affecting dialyzer and erlc.

Patch Package OTP 27.3.4.10 Released