Erlang/OTP 23.1 is the first maintenance patch release for OTP 23, with mostly bug fixes as well as a few improvements.
A vulnerability in the httpd module (inets application) regarding directory traversal that was introduced in OTP 22.3.1 and corrected in OTP 22.3.4.6. It was also introduced in OTP 23.0 and corrected in OTP 23.1 The vulnerability is registered as CVE-2020-25623. The vulnerability is only exposed if the http server (httpd) in the inets application is used. The vulnerability makes it possible to read arbitrary files which the Erlang system has read access to with for example a specially prepared http request.
A full list of bug fixes and improvements in the readme.
Online documentation can be browsed here:
http://erlang.org/documentation/doc-11.1/doc
Pre-built versions for Windows can be fetched here:
http://erlang.org/download/otp_win32_23.1.exe
http://erlang.org/download/otp_win64_23.1.exe
The Erlang/OTP source can also be found at GitHub on the official Erlang repository:
https://github.com/erlang/otp
OTP-23.1.README file (41232 bytes)
otp_doc_html_23.1.tar.gz file (36285075 bytes)
otp_doc_man_23.1.tar.gz file (1384042 bytes)
otp_src_23.1.tar.gz file (93711452 bytes)
otp_win32_23.1.exe file (93017456 bytes)
otp_win64_23.1.exe file (94643248 bytes)
You can build Erlang from source on your own, following the building and installation instructions. Or use the Kerl script. Kerl is a script that lets you easily build Erlang with a few commands. Follow the instructions to build.
Information about all released OTP versions since OTP 17.0 can be found at the OTP Versions Tree page. This information includes a link to the GitHub source tag, and a link to the README. As of OTP 23, Windows binaries can also be downloaded from here for all patches.
Most OS package managers provide pre-built binary packages. You can also download the latest stable releases from Erlang Solutions. Erlang Solutions provides pre-built binary packages for OS X, Windows, Ubuntu, Debian, Fedora, CentOS, Raspbian and other operating systems.
Since OTP 18.0, Erlang/OTP is released under Apache License 2.0. The older releases prior to 18.0 were released under Erlang Public License (EPL), a derivative work of the Mozilla Public License (MPL).
PDF files are included in the Windows installer and in the HTML documentation tarballs, starting with theR13B03 release.
There is a file containing MD5 checksumsfor all files in the download directory, also reachable through rsync rsync.erlang.org::erlang-download