Summary
|
Product |
Cloud / On-Prem |
Version |
Mitigation |
Patch |
|
ESB Runtime
|
Both |
8.0 |
Add "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument and restart runtime. Additional details below in section « Mitigation steps for ESB Runtime » |
TPS-5064-RT (23-DEC-2021) |
|
7.3 |
Add "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument and restart runtime Additional details below in section « Mitigation steps for ESB Runtime » |
TPS-5061-RT (28-DEC-2021) |
||
|
7.2 |
Additional details below in section « Mitigation steps for ESB Runtime » |
TPS-5060-RT (23-DEC-2021) |
||
|
7.1.1 (EOL) |
Impacted |
TPS-5069 (23-DEC-2021) |
||
|
IAM |
On-Prem |
8.0 |
Add "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument and restart IAM. Additional details below in section « Mitigation steps for IAM » |
TPS-5054 (17-DEC-2021) |
|
7.3 |
Add "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument and restart IAM. Additional details below in section « Mitigation steps for IAM » |
TPS-5055 (17-DEC-2021)
|
||
|
7.2 |
Add "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument and restart IAM. Additional details below in section « Mitigation steps for IAM » |
TPS-5056 (17-DEC-2021)
|
||
|
7.1.1 (EOL) |
Impacted |
TPS-5071 (27-DEC-2021) |
||
|
JobServer
|
On-Prem |
8.0 |
Set environment variable JAVA_TOOL_OPTIONS=-Dlog4j2.formatMsgNoLookups=true in JobServer start script and restart JobServer.Additional details below in section « Mitigation steps for JobServer » |
TPS-5039 (17-DEC-2021)
|
|
7.3 |
Set environment variable JAVA_TOOL_OPTIONS=-Dlog4j2.formatMsgNoLookups=true in JobServer start script and restart JobServer.Additional details below in section « Mitigation steps for JobServer » |
TPS-5040 (16-DEC-2021)
|
||
|
7.2 |
Set environment variable JAVA_TOOL_OPTIONS=-Dlog4j2.formatMsgNoLookups=true in JobServer start script and restart JobServer.Additional details below in section « Mitigation steps for JobServer » |
TPS-5043 (17-DEC-2021)
|
||
|
7.1.1 (EOL) |
No Impact |
No Impact |
||
|
LogServer |
On-Prem |
8.0 |
TPS-5057 (17-DEC-2021)
|
|
|
7.3 |
TPS-5058 (17-DEC-2021)
|
|||
|
7.2 |
TPS-5059 (17-DEC-2021)
|
|||
|
7.1.1 (EOL) |
Impacted |
TPS-5072 (24-DEC-2021)
|
||
|
MDM
|
On-Prem |
8.0 |
For MDM, the issue can be mitigated by specifying "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when starting Tomcat. For running jobs in MDM, the issue can be mitigated by modifying every logging pattern layout " %m" by " %m{nolookups}" in log4j-jobox.xml. See additional details in « Mitigation steps for MDM » |
TPS-5052 (24-DEC-2021)
|
|
7.3 |
For MDM, the issue can be mitigated by specifying "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when starting Tomcat. For running jobs in MDM, the issue can be mitigated by modifying every logging pattern layout " %m" by " %m{nolookups}" in log4j-jobox.xml. See additional details in « Mitigation steps for MDM » |
TPS-5019 (21-DEC-2021)
|
||
|
7.2 |
No Impact |
No Impact |
||
|
7.1.1 (EOL) |
No Impact |
No Impact |
||
|
Remote Engine Gen1 |
Both |
All |
Additional details below in section « Mitigation steps for Remote Engine Gen 1 » |
RE 2.11.7 (24-DEC-2021)
|
|
Remote Engine Gen1 (Marketplace) |
Both
|
All
|
Additional details below in section « Mitigation steps for Remote Engine Gen 1 »
|
RE 2.11.7 (31-DEC-2021) |
|
Remote Engine Gen2 |
Both
|
All |
If your Remote Engine Gen 2 is R2021-12, you need to restart each Remote Engine to automatically get the fix. If you are on lower version than R2021-12, you need to upgrade and restart to get the fix. |
R2021-12 |
|
Stitch Data Loader |
Cloud |
All |
No Impact |
No Impact |
|
Talend Administration Center (TAC) |
On-Prem |
8.0 |
set "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when starting Tomcat. See additional details in « Mitigation steps for TAC » |
TPS-5053 (21-DEC-2021)
|
|
7.3 |
set "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when starting Tomcat. See additional details in « Mitigation steps for TAC » |
TPS-5025 (17-DEC-2021)
|
||
|
7.2 |
No Impact |
No Impact |
||
|
7.1.1 (EOL) |
No Impact |
No Impact |
||
|
Talend Cloud Applications |
Cloud |
All |
N/A |
Fixed |
|
Talend Data Catalog |
Cloud |
All |
No impact |
No Impact |
|
On-Prem |
All |
Update your environment to the latest TDC version which includes Apache Log4j v2.17, by upgrading to TDC-7.3-20220105 or higher. |
TDC-7.3-20220105 (05-JAN-2022) |
|
|
Talend Data Preparation |
Both |
8.0 |
No Impact |
No Impact |
|
7.3.1 |
No Impact |
No Impact |
||
|
7.2.1 |
No Impact |
No Impact |
||
|
7.1.1 (EOL) |
No Impact |
No Impact |
||
|
Talend Data Stewardship |
Both |
8.0 |
No Impact |
No Impact |
|
7.3.1 |
No Impact |
No Impact |
||
|
7.2.1 |
No Impact |
No Impact |
||
|
7.1.1 (EOL) |
No Impact |
No Impact |
||
|
Talend Studio |
Cloud |
8.0 |
For running jobs, the issue can be mitigated by specifying: "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when running the job. Additional details below in section « Mitigation steps for Talend Studio » |
R2021-12_v1 (23-DEC-2021) |
|
7.3 |
For running jobs, the issue can be mitigated by specifying: "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when running the job. Additional details below in section « Mitigation steps for Talend Studio » |
R2021-12_v2 (21-DEC-2021)
|
||
|
7.2 |
For running jobs, the issue can be mitigated by specifying: "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when running the job. Additional details below in section « Mitigation steps for Talend Studio » |
TPS-5062 (27-DEC-2021)
|
||
|
On-Prem |
8.0 |
For running jobs, the issue can be mitigated by specifying: "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when running the job. Additional details below in section « Mitigation steps for Talend Studio » |
R2021-12_v1 (23-DEC-2021)
|
|
|
7.3 |
For running jobs, the issue can be mitigated by specifying: "-Dlog4j2.formatMsgNoLookups=true" as a JVM argument when running the job. Additional details below in section « Mitigation steps for Talend Studio » |
R2021-12_v2 (21-DEC-2021)
|
||
|
7.2 |
No impact on job execution Studio - Impact with license for Data Quality (Data Profiler using ElasticSearch)
|
TPS-5062 (27-DEC-2021)
|
||
|
7.1.1 (EOL) |
No impact on job execution Studio - Impact with license for Data Quality (Data Profiler using ElasticSearch) |
TPS-5065 (27-DEC-2021) |
Remediation for Talend Open Source is not in scope. End-of-Life versions evaluations have been completed. For further details, please contact Talend Support.
Important Note :
Regarding the artifacts built from Studio v8.0 or v7.3, you need to install the latest Studio patch and then recompile and republish these artifacts in order to be fully protected.