Skip to main content Skip to complementary content

TPS-5614 (cumulative patch)

Info Value
Patch Name Patch_20241115_TPS-5614_v2-7.3.1
Release Date 2024-11-15
Target Version 20200219_1130-V7.3.1
Product affected Talend Administration Center

Introduction

This patch is cumulative. It includes all previous generally available patches for Talend Administration Center 7.3.1.

NOTE: To download this patch, liaise with your Support contact at Talend.

Prerequisites

Consider the following requirements for your system:

  • Talend Administration Center 7.3.1 must be installed.

Installation

  1. Log in to TAC and switch to Configuration-> Software Update, then enter the correct values and save. Follow the procedure described in the documentation: https://help.talend.com/r/en-US/7.3/installation-guide-big-data-linux/config-update-repo
  2. Switch to Software update page, where the new patch will be listed. The patch can be downloaded from here into the nexus repository.
  3. Login to local Nexus, and download the patch file.
  4. Stop all TAC instances.
  5. Please backup your database (if you meet issues with new patch, you can change to old one with this backup)
  6. Create a patch directory (eg: <Talend>/TAC_Patch).
  7. Unzip patch file you received from support into this directory, then unzip the org.talend.administrator.war file as org.talend.administrator folder. (Note: Please rename org.talend.administrator-7.3.1.war if your old TAC application folder has a different name. Set the same name as your old TAC application name.)
  8. Create a backup directory (eg: <Talend>/TAC_Backup).
  9. Copy folder <Tomcat>/webapps/org.talend.administrator into the backup directory. DO NOT place org.talend.administrator backup folder into webapps directory.
  10. In <Tomcat>/webapps/ directory, remove the previous org.talend.administrator folder, then copy the org.talend.administrator folder unzipped at step 6 and paste in the current directory.
  11. Restore TAC configuration by replacing <Tomcat>/webapps/org.talend.administrator/WEB-INF/classes/configuration.properties and quartz.properties with the same files that are stored in your backup directory.

    Note:

    • Make sure that no other instances of TAC webapp are deployed into Tomcat's webapps folder. Make sure your TAC backup folder has NOT been stored in <Tomcat>/webapps folder.
    • Restore DB driver by copying driver to <Tomcat>/webapps/org.talend.administrator/WEB-INF/lib (available in backup directory <Talend>/TAC_Backup).
    • If your TAC database is H2 db and embedded in TAC web folder (<Tomcat>/webapps/org.talend.administrator/WEB-INF/database by default), don't forget to restore H2 db by replacing this folder with the exact corresponding folder from your backup directory.
    • H2 version in this patch is updated due to security reasons. To migrate to new version of H2, please follow the documentation: https://help.talend.com/r/en-US/7.3/migration-upgrade-guide-big-data/upgrading-the-h2-database-after-changing-h2-driver-to-21210.
    • If your TAC works with SSO, you should restore the IDP Metadata file (<Tomcat>/webapps/org.talend.administrator/WEB-INF/classes/IDPMetadata.xml) from your backup directory.
  12. Restart TAC.

    Note:

    • It's recommended to clear browser cache after TAC patch has been applied.
    • New configurable parameter for Jobserver connection timeout: jobserverClient.port.timeout, please update the value in DB when you meet the SocketTimeoutException error(unit is millisecond), SQL statement example: UPDATE configuration SET configuration.value = "8000" WHERE configuration.key = "jobserverClient.port.timeout";;
    • Log4j CVE-2021-44228 & CVE-2021-45046 fixed on Patch_20211217_TPS-5025_v1: please rebuild the jobs with latest Studio patch.
    • If the fix is in scope of TPS-4991 and you want to activate it, please set the following property as true in JVM: org.talend.tac.esb.feature.install.error.refresh = true; The default value is false, so if not needed it is not recommended to change it.
    • New LDAP connection timeout parameter: ldap.config.timeout. You can change it by editing the value of the ldap.config.timeout property in milliseconds in the database configuration table.
    • In case of patch rollback, only the backup database can be used
  13. Repeat the above steps for each instance.

TPS-5614v2

Other issues fixed in TPS-5614v2

  • QTAC-373 [7.3.1] TAC SSO Mapping Configuration not saved correctly

TPS-5614

CVEs fixed in TPS-5614

  • QTAC-35 [7.3.1] CVE-2024-47561 org.apache.avro:avro 1.11.3
  • QTAC-34 [7.3.1] CVE-2024-47554 Commons-Io:commons-Io 2.11.0 and 2.8.0
  • QTAC-33 [7.3.1] CVE-2024-7254 com.google.protobuf:protobuf-java 4.27.3 and 2.5
  • QTAC-61 [7.3.1] [security] SSRF via Configuration URLs

Other issues fixed in TPS-5614

  • QTAC-93 [7.3.1] Improve Path Validation for log path
  • QTAC-165 [7.3.1] Remove signature in the Job artifacts generated by 7.3 Studio
  • QTAC-237 [7.3.1] LDAP query built from user-controlled sources
  • QTAC-290 [7.3.1] Add time out config for connection on nexus/nexus3/Artifactory(default value is 30s)

TPS-5613

CVEs fixed in TPS-5613

  • TAC-19852 [7.3.1] CVE-2024-28752: SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8

Other issues fixed in TPS-5613

  • TAC-18872 [7.3.1] ERROR DatabaseInitializer - Update database schema for patch fail after restarting tomcat while using H2 DB

TPS-5609

CVEs fixed in TPS-5609

  • TAC-19789 [7.3.1] CVE-2024-34750 org.apache.tomcat:tomcat-coyote 9.0.89

Other issues fixed in TPS-5609

  • TAC-19646 [7.3.1] TAC support Azure Flexible Server
  • TAC-19529 [7.3.1] logs does not download If Technical and Business log set path to root directory
  • TAC-19735 [7.3.1] Fix the sending | deploying error when run task with virtualserver caused by same server hosts and ports

TPS-5608

Other issues fixed in TPS-5608

  • TAC-17397 [7.3.1] Retry mechanism needed when "use latest version" is facing random nexus api failure 500: "Asset search returned no results"
  • TAC-19026 [7.3.1] Change log level WARN to debug
  • TAC-19593 [7.3.1] Download failed when the log path is not exist
  • TAC-19617 [7.3.1] support both jobserver.log.retreiver.deprecated=true and jobserver.log.retriever.deprecated=true
  • TAC-19626 [7.3.1] TAC able to reuse Jobconductor generatedJobs cache to run task when Nexus down
  • TAC-19668 [7.3.1] Path Validation for log path is too strict
  • TAC-19585 [7.3.1] fix typo "DEBUG SSOUtils - Remove SSO initlizaiton info from TAC"
  • TAC-19732 [7.3.1] Add cache to improve load properties file from job
  • TAC-19729 [7.3.1] Fix the long sending and deploy status for the first run against virtual server

TPS-5607

CVEs fixed in TPS-5607

  • TAC-19384 [7.3.1] Findings in: shiro-web:1.12.0

Other issues fixed in TPS-5607

  • TAC-19405 [7.3.1] Undefined context variables printed when using tContextDump
  • TAC-19586 [7.3.1] Improve validation of log path
  • TAC-18907 [7.3.1] Remove the parameter of maxDurationsOnEmptyLog & maxDurationsOnIdlePlan
  • TAC-19370 [7.3.1] Security issues Configuration page
  • TAC-19429 [7.3.1] Context parameters in plan A are reset and impacted by deleting a different plan B
  • TAC-19594 [7.3.1] Keep context parameter open delete plan by metaservlet and refresh context parameter will throw 500
  • TAC-19614 [7.3.1] It should not limit tomcat patch as log path
  • TAC-19512 [7.3.1] Trigger context fileName, filePath and folderPath not passed to the job when set more than two custom value empty
  • TAC-19519 [7.3.1] TAC menu - Dynamic Links not responding to click

TPS-5548

CVEs fixed in TPS-5548

  • TAC-19377 [7.3.1] xmlsec:2.2.3 | CVE-2023-44483
  • TAC-19383 [7.3.1] tomcat-coyote:9.0.83 | CVE-2024-24549

Other issues fixed in TPS-5548

  • TAC-19368 [7.3.1] Password available in clear text HTTPS responses
  • TAC-19369 [7.3.1] Security issues with listConnection API
  • TAC-19095 [7.3.1] Possible further improvement regarding handling Execution task state recovering failed
  • TAC-19340 [7.3.1] Jobs stuck in requesting run state for more than 30+ mins

TPS-5546

CVEs fixed in TPS-5546

  • TAC-19106 [7.3.1] commons-compress:1.21 | CVE-2024-26308
  • TAC-19003 [7.3.1] commons-codec:1.11 | None
  • TAC-19222 [7.3.1] Update Apache HttpClient to 4.5.13

Other issues fixed in TPS-5546

  • TAC-19094 [7.3.1] value of context variable type=password provided as "Custom value" visible in technical.log when task launched using metaservlet.
  • TAC-19039 [7.3.1] transfer libraries from nexus2 to nexus3 failed
  • TAC-19074 [7.3.1] on the db config page click "Import parameters" button then appears "Driver is required to check connection"
  • TAC-19162 [7.3.1] key rotation called in an infinite loop
  • TAC-19207 [7.3.1] An error occured while downloading log. Failed to copy full contents
  • TAC-15740 [7.3.1] Use SHA instead of MD5 when checking checksums

TPS-5545

CVEs fixed in TPS-5545

  • TAC-19071 [7.3.1] CVE-2020-11979: Vulnerability reported by org.apache.ant:ant:1.9.12

Other issues fixed in TPS-5545

  • TAC-19057 [7.3.1] the NULL value for jobscriptarchivefilename -> executiontask in Postgresql db causing NPE for task running
  • TAC-19109 [7.3.1] Memory leak in TaskListenerRegister
  • TAC-18862 [7.3.1] TAC Error occurred when Listening statistics on socket localhost: null"
  • TAC-18958 [7.3.1] Support Nexus version 3.65
  • TAC-19048 [7.3.1] TAC technical log flooded with messages ERROR GeneratedProcessHelper class
  • TAC-18560 [7.3.1] Set WARN EncryptionHandler to debug level
  • TAC-18937 [7.3.1] Red icon for LDAP "group title" when UseLDAPAuthentication = false
  • TAC-18341 [7.3.1] improve TAC download logs feature (includes additional logs)
  • TAC-19090 [7.3.1] Move to cloud splash screen points to an invalid community link

TPS-5544

CVEs fixed in TPS-5544

  • TAC-19002 [7.3.1] Findings in: bcprov-jdk15on:1.70
  • TAC-19013 [7.3.1] CVE-2023-26119: HtmlUnit Code Injection vulnerability
  • TAC-19004 [7.3.1] Findings in: commons-collections:3.2.1
  • TAC-19047 [7.3.1] tomcat-coyote:9.0.75 | CVE-2023-44487

Other issues fixed in TPS-5544

  • TAC-17959 [7.3.1] Deploy tac throw The value can't be decrypted javax.crypto.BadPaddingException: pad block corrupted
  • TAC-18785 [7.3.1] Under Settings->Configuration-> Software Update, 3 errors was shown in titile but only one "Unable to locate repository with the provided id (name)." was pointed out for user.

TPS-5543

CVEs fixed in TPS-5543

  • TAC-18910 [7.3.1] CVE-2023-33265: Vulnerability reported by trivy com.hazelcast:hazelcast v.3.12.6
  • TAC-18733 [7.3.1] CVE-2023-4759: Vulnerability reported by trivy org.eclipse.jgit:org.eclipse.jgit v.5.6.1.202002131546-r
  • TAC-18740 [7.3.1] CVE-2021-22570: Vulnerability reported by trivy com.google.protobuf:protobuf-java v.2.5.0

Other issues fixed in TPS-5543

  • TAC-18229 [7.3.1] Random issue: fields in configuration page become read-only
  • TAC-18545 [7.3.1] Metaservlet command to stop execution plan
  • TAC-18771 [7.3.1] Execution plan will always stay loading when more than one person resuming plans
  • TAC-18782 [7.3.1] Improve logs and error message for some typical exception cases, and JobServer connection reliability
  • TAC-18787 [7.3.1] "Real time statistics" dialog was still shown even the user logged out.
  • TAC-18814 [7.3.1] Viewing exec log from JobConductor page uses more time and memory
  • TAC-18845 [7.3.1] It is possible to create a PLAN that will stay running forever without any error returned
  • TAC-18859 [7.3.1] The password to connect to TAC from studio should support special characters
  • TAC-18705 [7.3.1] Remove the redundant buttons under LADP configuration
  • TAC-18836 [7.3.1] Create executionId in TAC and pass it to jobserver

TPS-5492

CVEs fixed in TPS-5492

  • TAC-18737 [7.3.1] CVE-2023-39410: Vulnerability reported by trivy org.apache.avro:avro v.1.10.2
  • TAC-18736 [7.3.1] CVE-2023-44981: Vulnerability reported by trivy org.apache.zookeeper:zookeeper v.3.5.8
  • TAC-18732 [7.3.1] CVE-2023-5072: Vulnerability reported by trivy org.json:json v.20230227
  • TAC-18741 [7.3.1] CVE-2022-45868: Vulnerability reported by trivy com.h2database:h2 v.2.1.214
  • TAC-18738 [7.3.1] CVE-2023-4586: Vulnerability reported by trivy io.netty:netty-handler v.4.1.84.Final

Other issues fixed in TPS-5492

  • TAC-18520 [7.3.1] Trim value of 'Runtime server username'
  • TAC-18570 [7.3.1] hide h2console URL from TAC>Configuration page
  • TAC-18809 [7.3.1] realtime.cache.size specified in configuration.properties not taken into account
  • TAC-18550 [7.3.1] Contexts will not decrypted or encrypted when default or original value is NULL

TPS-5491

CVEs fixed in TPS-5491

  • TAC-18739 [7.3.1] CVE-2013-6235: Vulnerability reported by trivy com.jamonapi:jamon v.2.74

Other issues fixed in TPS-5491

  • TAC-3292 [7.3.1] metaservlet methods for "project Reference" to be deprecated
  • TAC-18718 [7.3.1] Job Conductor page not show tasks
  • TAC-18535 [7.3.1] Stop TAC connecting to unused ESB Infrastructure Services
  • TAC-18569 [7.3.1] misleading example in configuration.properties JobServerClient.conf.timeout=30000
  • TAC-18520 [7.3.1] Trim value of 'Runtime server username'

TPS-5490

CVEs fixed in TPS-5490

  • TAC-18597 [7.3.1] CVE-2023-34610: com.cedarsoftware:json-io vulnerability found by trivy
  • TAC-16787 [7.3.1] java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated
  • TAC-18600 [7.3.1] Update jaxws-ri to version 2.3.6
  • TAC-18246 [7.3.1] guava:30.0-jre | CVE-2020-8908
  • TAC-18599 [7.3.1] Check whether Apache Directory jars can be replaced with api-all

Other issues fixed in TPS-5490

  • TAC-18554 [7.3.1] NPE happen when LDAP firstName and lastName are empty
  • TAC-18591 [7.3.1] No more user available with this license error
  • TAC-18544 [7.3.1] when context.passwords.secured.only=true contexts not decrypted when default or original value is empty
  • TAC-18346 [7.3.1] deploy error with virtual server : error 'Connection to server failed' occurred when 'Sending...'
  • TAC-18433 [7.3.1] When execution is removed from scheduledJobManager basic and detailed status are not updated
  • TAC-18596 [7.3.1] Redundant dependency opencsv-1.8_patched found in TAC
  • TAC-18569 [7.3.1] misleading example in configuration.properties JobServerClient.conf.timeout=30000

TPS-5489

CVEs fixed in TPS-5489

  • TAC-18416 [7.3.1] Findings in: shiro-web:1.10.0

Other issues fixed in TPS-5489

  • TAC-18170 [7.3.1] Import same execution plan twice will throw NPE error
  • TAC-18456 [7.3.1] Connection to server failed error even though logs are complete
  • TAC-18463 [7.3.1] For Git project name with dot character ('.') project folder name is truncated in org.talend.administrator_git
  • TAC-18467 [7.3.1] TAC Job Conductor - Statistic is showing as Removed
  • TAC-18471 [7.3.1] XSS issue when deleting User Groups
  • TAC-17875 [7.3.1] TAC new log retriever sub-optimal with some workloads
  • TAC-18262 [7.3.1] output less redundant debug logs to make it easier to check customer's issues in logs
  • TAC-18437 [7.3.1] Add/Delete task in EP with trigger tasks list will show empty
  • TAC-18483 [7.3.1] Check and remove sensitive information from local storage
  • TAC-18486 [7.3.1] TAC shows Runtime Down if Host name has trailing space characters.
  • TAC-18517 [7.3.1] the QRTZ tables are missing after installing TAC 8 in Oracle DB

TPS-5488

CVEs fixed in TPS-5488

  • TAC-18366 [7.3.1] CVE-2020-11971 org.apache.camel:camel-core 2.24.2

Other issues fixed in TPS-5488

  • TAC-18296 [7.3.1] TAC 7.3 to 8 Error: Not correct logs when migration
  • TAC-17774 [7.3.1] TAC Error : Warning "Checking Connection" for Git while adding projects
  • TAC-18359 [7.3.1] Add the context parameter for saveEsbTask & updateEsbTask commands
  • TAC-18342 [7.3.1] TAC UI bug in virtual server page
  • TAC-18360 [7.3.1] Make the configuration for plan recovery mechanism separate from task recovery
  • TAC-18247 [7.3.1] TAC software update page gives "Unexpected HTTP status '503'"
  • TAC-18381 [7.3.1] Enable TAC's SMTP Debug option.
  • TAC-11347 [7.3.1] Add deleting tasks from execution plan to the business log
  • TAC-18456 [7.3.1] Connection to server failed error even though logs are complete

TPS-5487

CVEs fixed in TPS-5487

  • TAC-18204 [7.3.1] org.apache.tomcat:tomcat-coyote:9.0.75
  • TAC-18286 [7.3.1] Findings in: snappy-java:1.1.1.3

Other issues fixed in TPS-5487

  • TAC-17617 [7.3.1] better handling of taskexecutionhistory content
  • TAC-17799 [7.3.1] Investigate the failure of cross migration from mysql to other db
  • TAC-18186 [7.3.1] Empty custom context does not reflect on TAC, uses original value instead.
  • TAC-18230 [7.3.1] Recovery for execution plan doesn`t work properly when plan idquartzjob is different from plan id
  • TAC-18270 [7.3.1] Issue with MetaServlet's "deleteUserGroupById" command.
  • TAC-18250 [7.3.1] processing stopped after multi selecting "resume tasks" in UI
  • TAC-12486 [7.3.1] Strange URL addon after starting TAC
  • TAC-18214 [7.3.1] Unknown JavascriptException seen in Browser's console
  • TAC-18236 [7.3.1] After applying Patch20230421TPS-5461_v1-8.0.1 customer is not able to connect to there JFrog Artifactory anymore and are seeing the "Timeout occurs while retrieving this parameter for URL:" message
  • TAC-18247 [7.3.1] TAC software update page gives "Unexpected HTTP status '503'"
  • TAC-18331 [7.3.1] Long latency (15 min) execution under virtual server node even though the Jobserver are graded with five starts under low load

TPS-5460

CVEs fixed in TPS-5460

  • TAC-18104 [7.3.1] Vulnerability found in com.google.guava:guava:11.0.2 | CVE-2018-10237
  • TAC-18090 [7.3.1] CVE: org.apache.tomcat:tomcat-catalina:9.0.69
  • TAC-18128 [7.3.1] Vulnerabilities found in commons-cli 1.2
  • TAC-18127 [7.3.1] Vulnerability found in jfreechart 1.0.13 | CVE-2007-6306
  • TAC-18106 [7.3.1] CVE-2021-41973 : Vulnerability found in org.apache.mina:mina-core:2.1.3
  • TAC-18107 [7.3.1] Vulnerability found in org.eclipse.jetty:jetty-server:9.4.48.v20220622 | CVE-2023-26048
  • TAC-17871 [7.3.1] Jobs are stuck in "Running" Status for long period

Other issues fixed in TPS-5460

  • TAC-17702 [7.3.1] Support Ubuntu 22.04 as a TAC OS
  • TAC-17739 [7.3.1] TAC Support for MS SQL Server 2022
  • TAC-17945 [7.3.1] Jobconductor display last execution log is slow.
  • TAC-18097 [7.3.1] The column name 'processingstate' is specified more than once in the SET clause or column list of an INSERT
  • TAC-18129 [7.3.1] Jobs triggered by execution plan cron triggers throws NPE
  • TAC-17982 [7.3.1] Issues found for On unavailable Job server with virtual server
  • TAC-18025 [7.3.1] Use attached dump file to migrate from postgres to oracle failed in 731 latest patch
  • TAC-18078 [7.3.1] unable to properly use a custom schema with a postgres non default database
  • TAC-18159 [7.3.1] Delete a task which is set in rollback in executionplan will throw Operation failed: !!!Cannot flush and commit transaction.!!!

TPS-5459

CVEs fixed in TPS-5459

  • TAC-17948 [7.3.1] json-smart:2.4.6 | CVE-2023-1370
  • TAC-17974 [7.3.1] org.codehaus.jettison: jettison:1.5.3

Other issues fixed in TPS-5459

  • TAC-17917 [7.3.1] Nexus Arctifact list is being truncated in TAC
  • TAC-17997 [7.3.1] License is not showing MDM named users count
  • TAC-17861 [7.3.1] Zip file missing in job-conductor when calling an artifact task
  • TAC-17618 [7.3.1] debug messages in TAC : DEBUG Segment
  • TAC-18003 [7.3.1] The issue of removeServerProjectAuthorization | createServerProjectAuthorization
  • TAC-17921 [7.3.1] Job execution recovery behavior is same amont each 'On unavailable Job server' settings
  • TAC-17933 [7.3.1] Unauthorised Access to Users Feature
  • TAC-17876 [7.3.1] updateDesStoragePeriodForLogFiles::TAC team failed error
  • TAC-17976 [7.3.1] User list cache should be clear in notification page when users lose user access role

TPS-5458

CVEs fixed in TPS-5458

  • TAC-17641 [7.3.1] CVE-2022-1471: snakeyaml:1.33
  • TAC-17664 [7.3.1] CVE-2022-45787: apache-mime4j-storage:0.8.3
  • TAC-17773 [7.3.1] CVE-2022-45688: Json:20220320
  • TAC-17793 [7.3.1] maven-core:3.8.6
  • TAC-17810 [7.3.1] CVE-2023-24998: commons-fileupload:1.4
  • TAC-17824 [7.3.1] CVE: org.apache.tomcat:tomcat-catalina:9.0.68
  • TAC-17834 [7.3.1] CVE-2021-28170: jakarta.el:3.0.3

Other issues fixed in TPS-5458

  • TAC-17633 [7.3.1] Errors "can't connect to the zookeeper server" in TAC 7.3.1 even not used ESB
  • TAC-17698 [7.3.1] Unable to migrate TAC's DB and no visible error.
  • TAC-16466 [7.3.1] custom role for execution plan access
  • TAC-17626 [7.3.1] TAC artifactory path validation incomplete
  • TAC-17796 [7.3.1] resumePlan/pausePlan by MetaServlet for FileTrigger does not work
  • TAC-17766 [7.3.1] 721 migration to latest 731 patch failed.
  • TAC-17855 [7.3.1] Custom value for password type context parameter will be written to database in plain text when run a plan
  • TAC-17637 [7.3.1] maxDurationBeforeCleaningOldJobs and maxDurationBeforeCleaningOldExecutionsLogs in configuration table the description should be days
  • TAC-16763 [7.3.1] modify a NPA user which has not roles will fail with 'Save failed: NoSuchElementException'
  • TAC-17821 [7.3.1] migration failed from 711 to 731 with oracle
  • TAC-17277 [7.3.1] "use latest version" : the latest artifact version is not always selected- Jfrog
  • TAC-17758 [7.3.1] Check whether exe/dll files needed for TAC
  • TAC-17862 [7.3.1] Jobs executed using Chron trigger throws Cannot retrieve bean error
  • TAC-17885 [7.3.1] Some tasks are killed when a value except 0 is set to "scheduler.conf.resetTaskStatus.maxDurationsOnEmptyLog"
  • TAC-16377 [7.3.1] Server-Project authorization is not checked when deploy job is launched
  • TAC-17916 [7.3.1] TAC Webapp cannot logon to TAC DB MS SQL Server when database.password contains special characters
  • TAC-17278 [7.3.1] TAC support for FIPS (Federal Information Processing Standard)
  • TAC-17763 [7.3.1] Support for PostgreSQL 15
  • TAC-17876 [7.3.1] updateDesStoragePeriodForLogFiles::TAC team failed error
  • TAC-17933 [7.3.1] Unauthorised Access to Users Feature
  • TAC-17938 [7.3.1] "On unavailable jobserver" with "Restart task" does not work on virtual server
  • TAC-17976 [7.3.1] User list cache should be clear in notification page when users lose user access role

TPS-5427

Issues fixed in TPS-5427

  • TAC-17714 [7.3.1] Task end date and task duration details are not updated in TAC if we manually kill any job
  • TAC-17600 [7.3.1] error 500 when selecting artifact in repository from job conductor
  • TAC-17681 [7.3.1] Error and warn messages when execution plans are executed even they ran without any issues.
  • TAC-17398 [7.3.1] Generated job not found after migration
  • TAC-17572 [7.3.1] taskexecutionhistory table size and TAC start time

TPS-5425

CVEs fixed in TPS-5425

  • TAC-17544 [7.3.1] Update ehcache version for hibernate in TAC
  • TAC-17596 [7.3.1] CVE-2022-45693: Vulnerable lib Jettison 1.5.1 found in TAC
  • TAC-17594 [7.3.1] CVE-2022-40152: com.fasterxml.woodstox:woodstox-core:6.2.7
  • TAC-17599 [7.3.1] CVE-2022-42252: Vulnerable lib tomcat-coyote 9.0.58 found in TAC
  • TAC-17699 [7.3.1] CVE-2021-44832: Log4j2 CVE appeared again after jcloud was updated
  • TAC-17591 [7.3.1] CVE-2022-1471: Vulnerability was found in library SnakeYAML version 1.32

Other issues fixed in TPS-5425

  • TAC-17608 [7.3.1] Metaservlet TAC database migration from Postgres to SQL Server is not working
  • TAC-17645 [7.3.1] AWS sso created new user could not be updated from TAC UI
  • TAC-17668 [7.3.1] Some tasks are killed even though "scheduler.conf.resetTaskStatus.maxDurationsOnEmptyLog" set to 0
  • TAC-17602 [7.3.1] Task Status Mismatch Issue
  • TAC-17371 [7.3.1] fewer business logs compared to 7.2.1
  • TAC-17499 [7.3.1] TAC slowness in requesting run and deploying
  • TAC-16293 [7.3.1] TAC will hang up if a task with a specific job enabling Statistics on the task is running

TPS-5423

CVEs fixed in TPS-5423

  • TAC-17558 [7.3.1] Update CXF library to version 3.5.5
  • TAC-17489 [7.3.1] CVE: CVE-2022-40154 com.thoughtworks.xstream:xstream:1.4.19(to 1.4.20)
  • TAC-17598 [7.3.1] CVE-2022-3171: Vulnerable lib Protocol Buffers 3.6.1 found in TAC

Other issues fixed in TPS-5423

  • TAC-17353 [7.3.1] Issue adding a new LDAP user in TAC
  • TAC-17555 [7.3.1] Add a description into TAC cumulative patch Release Note
  • TAC-17560 [7.3.1] "Storage period for generated Jobs" is not working.
  • TAC-17569 [7.3.1] Add index for some table in MSSQL, Postgre, Oracle
  • TPS-5421 [7.3.1] Update CXF library to version 3.5.5 (TAC-17558)
  • TPS-5423 [7.3.1] Cumulative Patch - 20230106

Fixed issues

This patch is cumulative and contains the following fixes:

  • TPS-3836 [7.3.1] LDAPs connection failure on TAC configuration page,LDAP user can not login(TAC-14109)
  • TPS-3977 [7.3.1] Not possible to assign authorizations beyond 127 projects in TAC. (TAC-14177)
  • TPS-4016 [7.3.1] After migrate from 6.4.1 to 7.3.1,login 7.3.1 TAC failed(TAC-14196)
  • TPS-4088 [7.3.1] Studio doesn't fetch Use SSL for remote jobserver from TAC(TAC-14085)
  • TPS-4100 [7.3.1] SaveESBTask command fails with error {"returnCode": 1} on metaservlet while publishing route.(TAC-14301)
  • TPS-4075 [7.3.1] TAC is not response, when modified the project description then clicked save (TAC-14269)
  • TPS-4119 [7.3.1] content of boolean Variables in TAC with capital letters (TAC-14283)
  • TPS-4122 [7.3.1] Not possible to assign authorizations beyond 127 projects in TAC for usergroup users (TAC-14315)
  • TPS-4171 [7.3.1] Cross migration doesn't work (TAC-13970)
  • TPS-4148 [7.3.1] Issue with context list during Task creation not showing all contexts (TAC-13776)
  • TPS-4168 [7.3.1] tRestClient - base64 - metaServlet : Input byte array has wrong 4-byte ending unit (TAC-14339)
  • TPS-4174 [7.3.1] taskexecutionhistory table cleaning is not triggered automatically for a specific TAC DB(TAC-14375)
  • TPS-4203 [7.3.1] org.talend.administrator.common.exception.DBException: !!!Cannot flush and commit transaction.!!! (TAC-13204)
  • TPS-4214 [7.3.1] Cannot upgrade the TAC DB 6.1.1 to TAC DB 7.3.1 (TAC-14400)
  • TPS-4251 [7.3.1] After migration from 6.4->7.3.1(MSSQL), metaservlet command listTasks returns NullPointerException.(TAC-14403)
  • TPS-4127 [7.3.1] The realtime statistics of a job run in TAC are visible in real time statistics page with a delay (TAC-14308)
  • TPS-4313 [7.3.1] "Read" user can commit changes to git server (TAC-14485)
  • TPS-4345 [7.3.1] Context issue with double-quotes in custom value if the original value is enclosed in double quotes (TESB-28908)
  • TPS-4258 [7.3.1] Users page goes blank after removing some columns from the view (TAC-14457)
  • TPS-4288 [7.3.1] TAC login is case sensitive for regular and LDAP users (TAC-14230)
  • TPS-4315 [7.3.1] TAC is not sending out notifications when task fails or user is created (TAC-14274)
  • TPS-4350 [7.3.1] TAC is hanging when modify project description field or any other fields in TAC project (TAC-14565)
  • TPS-4376 [7.3.1] TAC begins to hang / frozen (TAC-14369)
  • TPS-4451 [7.3.1] "associatePreGeneratedJob" response time issue (TAC-14660)
  • TPS-4395 [7.3.1] libraries migrations : error with filename containing whitespace (TAC-11721)
  • TPS-4406 [7.3.1] Nexus 3 with "nexus-context-path=/nexus" is not functioning (TAC-14509)
  • TPS-4423 [7.3.1] Context Parameters are reset during updateTask using MetaServlet (TAC-14656)
  • TPS-4463 [7.3.1] 401 Authentication credentials were missing or incorrect
  • TPS-4474 [7.3.1] Context variables in TAC not updated after re-importing from Nexus(TAC-14695)
  • TPS-4492 [7.3.1] DB migration issue with TAC in 7.3.1(TAC-14496)
  • TPS-4508 [7.3.1] Restart job option does not work when it is configured in TAC (TAC-14726)
  • TPS-4528 [7.3.1] Swap of original values and custom value in TAC (TESB-31017)
  • TPS-4451 [7.3.1] "associatePreGeneratedJob" response time issue (TAC-14660) (fix version 2)
  • TPS-4537 [7.3.1] Retrieve Virtual Servers from TAC to Studio (TAC-14742)
  • TPS-4540 [7.3.1] Metaservlet Create tag via metaservlet not working when branch not whitelisted (TAC-14782)
  • TPS-4545 [7.3.1] [ESB conductor] can't create task with snapshots version (TESB-31136)
  • TPS-4576 [7.3.1] Update studio certificates for signing of Job zip (TAC-14816)
  • TPS-4557 [7.3.1] Setting "Use https (SSL/TLS)" Parameter via TAC Metaservlet API (TAC-14813)
  • TPS-4579 [7.3.1] JVM Parameters Issue in 7.3 TAC (TAC-14823)
  • TPS-4594 [7.3.1] Error happened while reading contexts from the source file!!!,"returnCode":5 (TAC-14841)
  • TPS-4588 [7.3.1] The Console logs in TAC is not visible after applying the patch Latest 7.3 TAC Patch (TAC-14840)
  • TPS-4619 [7.3.1] Job Conductor page UI issues (TAC-14853)
  • TPS-4634 [7.3.1] there is not the notification email received when the task failed (TAC-14783)
  • TPS-4665 [7.3.1] Artifactory - Not able to select context in ESB conductor(TESB-31816)
  • TPS-4660 [7.3.1] Catalina log is filing up with lot of debugs(TAC-14901)
  • TPS-4662 [7.3.1] TAC-DB migration problem 6.4 to 7.3 (oracle 12c to 19c)(TAC-14920)
  • TPS-4658 [7.3.1] TAC7.3.1 when adding artefact through normal task, issue with context variable type (TAC-14864)
  • TPS-4690 [7.3.1] Smtp fails with TLS error on 7.3(TAC-14892)
  • TAC-14737 [7.3.1] Github Renaming the default branch from master
  • TPS-4750 [7.3.1] Contexts of ESB Task not updated when ESB Task is updated with new artifact version (TESB-32442)
  • TPS-4745 [7.3.1] Trigger context fileName, filePath and folderPath not passed to the job (TAC-15017)
  • TPS-4749 [7.3.1] Able to see/run tasks in projects not having authorization when only using custom roles (TAC-15038)
  • TAC-14549 [7.3.1] Metaservlet: cannot delete project without authorization
  • TAC-13187 [7.3.1] Can't send email notifications when running Java11
  • TESB-28187 [7.3.1] SaveEsbTask metaservlet command does not set context as active.
  • TAC-14218 [7.3.1] "/nexus" is hardcoded in NexusBrowserBusiness.class.
  • TESB-29552 [7.3.1] TAC: StringIndexOutOfBoundsException when creating ESB Conductor Tasks
  • TAC-14039 [7.3.1] Intermittent issue of StringIndexOutOfBoundsException for TaskExecutionHistoryLogge
  • TAC-14391 [7.3.1] TAC: Option to remove "Rights Management" from 'Administrative Use' role
  • TAC-14634 [7.3.1] Metaservlet "associatePreGeneratedJob" API is taking Default as context group
  • TAC-14766 [7.3.1] TAC(MariaDB 10.1) -> Timeline page throws error after installing patch TPS-4322
  • TAC-14860 [7.3.1] Metaservlet call to createUserGroup fails with {"returnCode":5}
  • TAC-13817 [7.3.1] Support Cache-Control attributes (No-store, No-cache)
  • TAC-13761 [7.3.1] Tooo long time to complete the Job server status check
  • TAC-14670 [7.3.1] TAC resiliency issue with statistics port
  • TAC-14896 [7.3.1] TAC Errors after installing TAC Patch20201218TPS-4556_v2
  • TAC-14968 [7.3.1] TAC-ESB is not able to deploy routes / nor displays runtimes
  • TAC-14960 [7.3.1] Failed to deploy artifacts: Could not find artifact error when trying to publish jobs
  • TPS-4626 [7.3.1] Viewer role do not have access to view Execution logs under Job conductor(TAC-14796)
  • TPS-4724 [7.3.1] Roles for download an artifact from Nexus in TAC Job Conductor view (TAC-14316)
  • TAC-15097 [7.3.1] project does not show in UI after executing CreateProject metaservlet command
  • TAC-15054 [7.3.1] Execute update project by MetaServlet failed with {"returnCode":1}
  • TAC-15124 [7.3.1] metaservlet listTrigger fails
  • TAC-14924 [7.3.1] Displaying order is not consistent at Job Conductor screen
  • TAC-14229 [7.3.1] Add functionality to display the actual TAC version to know the installed PATCH
  • TAC-14811 [7.3.1] Zero byte job execution log issue on TAC
  • TAC-14964 [7.3.1] Jobs stuck in RUNNING status (recovery mechanism for tasks and plans)
  • TPS-4659 [7.3.1] the pause button on trigger does not work perfectly (TAC-14871)
  • TPS-4689 [7.3.1] Cannot reach SVN server(TAC-14843)
  • TPS-4765 [7.3.1] Metaservlet associatePreGeneratedJob error: This job doesn't have context: 'Default' (TAC-15086)
  • TAC-15219 [7.3.1] not able to migrate MSSQL database from 6.1.1 to 7.3.1 (TAC-14697)
  • TAC-15128 [7.3.1] TAC - GIT configuration
  • TAC-14666 [7.3.1] TAC migration failed with h2 DB
  • TAC-14973 [7.3.1] Execution Plans fails with status: INTERRUPTED, RUNNINGERROR, PLANLAUNCHED, RUNNINGERROR and ENDEDWITH_WARNING (fixed interrupted plan status issue
  • TAC-15165 [7.3.1] select nexus job should display "Select artifact from Nexus" when if I use nexus as my artifactory repository type
  • TAC-15265 [7.3.1] TAC / JOB CONDUCTOR : Error: Connection to server failed when deploying a job - jobserverClient.port.timeout (default timeout increased to 5 seconds)
  • TPS-4784 [7.3.1] ERROR TalendRemoteServiceServlet - Expected to find an object with property ['items'] in path $ but found 'java.lang.String' (TAC-15016)
  • TPS-4785 [7.3.1] OutofMemory issue caused by RemoteDataRetreiver - Java heap space (TAC-14970)
  • TPS-4786 [7.3.1] job conductor error : History for task 'undefined' when an artifact is changed from an artifact task (TAC-15158)
  • TPS-4796 [7.3.1] "Save failed: No more DP (2) user available with this license" when updating an existing DP user. (TAC-15009)
  • TPS-4800 [7.3.1] The metaservlet 'updatetask' action does not update the new context variable of a new version of job in TAC (TAC-15037)
  • TPS-4813 [7.3.1] Add group field in Nexus Artifact selection to avoid search list can not be retrieved (TAC-13164)
  • TAC-15127 [7.3.1] The response for createTrigger metaservlet is not as expected when task id doesn't exist
  • TAC-15235 [7.3.1] ImportExecutionPlan command for Metaservlet not working in TAC
  • TAC-14108 [7.3.1] Need a RELIABLE way to identify if 2 or more TAC instances (not clusters) are using one DB schema
  • TAC-15257 [7.3.1] Not able to save edited plan after added
  • TAC-14939 [7.3.1] Provide a mechanism to collect the information about TPS patch installed on customer
  • TAC-14898 [7.3.1] Pop for cloud migration in TAC upon login
  • TAC-15307 [7.3.1] Newly added execution plan can't be displayed on UI if there is no task
  • TAC-15204 [7.3.1] RCA for TAC blank page / stuck at license check
  • TAC-14674 [7.3.1] download patch failed when use artifacotry for talend-updates
  • TAC-15214 [7.3.1] Correct metaServlet documentation
  • TAC-15244 [7.3.1] If "Use Latest Version" checkbox is checked when saving an Artifact Task with JFrog Artifactory 6.10.9, an exception is encountered
  • TAC-15255 [7.3.1] The status icon is always spinning for LDAP configuration
  • TAC-15322 [7.3.1] Sort on "Time left before next triggering" failed with error on oracle 12c
  • TAC-15133 [7.3.1] Root task status is not as same as before when killed due to timeout for plan
  • TAC-15378 [7.3.1] "nullpointer exception" in the TAC page : PROJECT AUTHORIZATIONS
  • TAC-14735 [7.3.1] audit of users who are updating contexts from TAC
  • TAC-15398 [7.3.1] NPE on 7.3.1 when select sort on next trigger time on JobConductor
  • TPS-4853 [7.3.1] Checking connection' warning after adding GIT project (TAC-15090)
  • TPS-4857 [7.3.1] Incorrect EP status when tasks fails during EP run with parallel execution and Cron trigger (TAC-15362)
  • TPS-4870 [7.3.1] Request patch for issue Authorization page can't retrieve user from IAM(TAC-15403)
  • TAC-15403 [7.3.1] Authorization page can't retrieve user from IAM
  • TAC-15394 [7.3.1] Customized processMessagePort not reflecting in TAC UI
  • TAC-15439 [7.3.1] Delete user failed for custom role is disabled.
  • TAC-14240 [7.3.1] Metaservlet API listUsers : Add field to show if user logged in, similar to UI securityadmin users list
  • TAC-11581 [7.3.1] Customer would like to be able to limit accress more granularly and create new roles
  • TAC-14615 [7.3.1] Role with job conductor author + job conductor view can modify the triggers
  • TAC-14681 [7.3.1] TAC Role Granularity - role where user can RUN and VIEW jobs, but cannot create trigger.
  • TAC-13816 [7.3.1] Support for HTTP Strict Transport Security (HSTS) in TAC
  • TAC-15427 [7.3.1] H2 DB migration failed from 721 to 731
  • TPS-4866 [7.3.1] Cannot migrate the TAC DB from H2 to MySQL in 7.3.1 (TAC-15372)
  • TPS-4881 [7.3.1] issue with the update of the password page when French language is chosen (TAC-15466)
  • TAC-15332 [7.3.1] after TAC restart, one particular job can't be triggered (fixed NPE-s)
  • TAC-15492 [7.3.1] Migrated datatypes don't match the non-migrated datatypes
  • TAC-15524 [7.3.1] Click on "Recipients" will show error !!!Cannot flush and commit transaction.!!!
  • TPS-4860 [7.3.1] MetaServlet command "requestDeployEsbTask" causes "All bundles are not active" even though all bundles are active in Runtime (APPINT-33143)
  • TPS-4886 [7.3.1] Context variables in TAC 7.3.1 not updated after re-importing task from nexus (TAC-15426)
  • TPS-4898 [7.3.1] Task not changing to "Ready to deploy" state in Job Conductor (TAC-15379)
  • TPS-4900 [7.3.1] TAC throws NotificationExec NPE and fails sending task-failure notification mail (TAC-15461)
  • TAC-15240 [7.3.1] Remove truncated "digests" of AWS credentials
  • TAC-15456 [7.3.1] Update the parameter 'contextparamsrefresh' to 'contextParamsRefresh' for metaservlet 'updatetask' action
  • TPS-4905 [7.3.1] .cfg file doesn't contain all the info (TAC-15541)
  • TPS-4907 [7.3.1] "failed to lazily initialize a collection of role: org.talend.model.conductor.ExecutionVirtualServer.executionServers" (TAC-15565)
  • TAC-15314 [7.3.1] Need assistance on siteminder configuration for customer
  • TAC-15361 [7.3.1] unable to use TLS 1.2 only smtp server with JDK 8_292 and TAC
  • TAC-14449 [7.3.1] Support of auth with Tokens in TAC
  • TAC-15627 [7.3.1] TAC patch install notes regarding schema migration with liquibase
  • TAC-15566 [7.3.1] TAC goes to hang state, problem is in LOCKS on the "dbo.taskexecutionhistory" table
  • TAC-15388 [7.3.1] Exhausted DB connections from DB pool
  • TAC-15343 [7.3.1] job conductor slow to open / display execution logs
  • TPS-4913 [7.3.1] Artifact task stuck in TASK_LAUNCHED status (TAC-15518)
  • TPS-4966 [7.3.1] throw java.sql.SQLException: READ_COMMITTED and SERIALIZABLE when switching to executionhistory with oracle DB (TAC-15697)
  • TAC-15648 [7.3.1] Task with 'Ready to run' status is converted back to 'Ready to deploy' when changing attribute
  • TAC-15540 [7.3.1] Failed to migrate from 7.2.1, 7.1.1 to 7.3.1, 8.0.1 (MySql 8.x)
  • TAC-15323 [7.3.1] Job getting deployed every time when Use latest version box checked
  • TAC-15674 [7.3.1] Trigger does not work after migration sometimes
  • TAC-13980 [7.3.1] After applying TPS-3642_v2 - Artifact task with latest version is not updating the latest version on running the job.
  • TAC-15681 [7.3.1] Context is not loaded after checked 'Use Latest Version'
  • TAC-15326 [7.3.1] job started twice by TAC
  • TAC-15678 [7.3.1] Creating ESB Task causes "can't be found with the matching properties" error
  • TAC-14603 [7.3.1] Add changes due to race condition item, in TPSVC-15569
  • TAC-15438 [7.3.1] Changing License from Talend Integration to Talend Data Service Platform blocks all DI users
  • TAC-15372 [7.3.1] Cannot migrate the TAC DB from H2 to MySQL in 7.3.1
  • TAC-15796 [7.3.1] ERROR: Data truncation: Data too long for column 'value' at row 1
  • TAC-15756 [7.3.1] TAC: a source error message and its JA equivalent need to be modified
  • TAC-15810 [7.3.1] Artifact task using latest version is converted back to 'Ready to deploy' when changing attribute
  • TAC-15767 [7.3.1] Clarify metaservlet commands for pause Triggers
  • TAC-15820 [7.3.1] unable to deploy mutiple artifact tasks in job conductor
  • TAC-15507 [7.3.1] Incorrect Error log - shows "in nexus" repository although "artifactory" is used
  • TPS-4942 [7.3.1] TAC to support LDAP Groups(TAC-11690)
  • TPS-4944 [7.3.1] Updating ESB Task doesn't update list of bundles in "Bundles" tab (TAC-15677)
  • TPS-4954 [7.3.1] migration mssql from v6.5.1 to v7.3.1 failed(TAC-15713)
  • TPS-4960 [7.3.1] Comprehensive Log is needed for TAC-14735 Audit Context change regarding the TASK/PLAN (TAC-15751)
  • TPS-4977 [7.3.1] Print Saml Response to the log (TAC-15687)
  • TPS-4984 [7.3.1] NullPointerException when save changes of artifact tasks's setting in job conductor (TAC-15798)
  • TPS-4989 [7.3.1] ESB tasks are stuck in Deploying or Requesting_Undeploy status (TAC-15841)
  • TPS-5021 [7.3.1] Hibernate initialize failed with TAC 7.3.1 after applying TPS-4989(TAC-15905)
  • TAC-15954 [7.3.1] URL returned blank when adding administrator at the end of TAC url
  • TAC-15899 [7.3.1] Error when undeploying ESB task
  • TAC-15894 [7.3.1] Task status in execution details are always in running when job server host ip is unavailable
  • TAC-15778 [7.3.1] Reset context for esb task and modify context for an artifact task the context in Execution task don't have audit logs for context
  • TAC-16001 [7.3.1] Context parameters not displaying in TAC
  • TAC-16022 [7.3.1] RemoteDataRetriver never shutdown for execution when jobserver is unreachable
  • TAC-16092 [7.3.1] TAC-7.3.1 "Null Pointer Exception" on Project Authorizations tab.
  • TPS-4991 [7.3.1] java.lang.ClassNotFoundException: javax.jms.Destination when deploying from TAC (TPRUN-2532)
  • TPS-5014 [7.3.1] error accessing runtime page, via a reverse proxy (F5) (TAC-14907)
  • TPS-5020 [7.3.1] migrate libraries : not all artifacts from org.talend.libraries are migrated from old to new nexus (TAC-15951)
  • TPS-5025 [7.3.1] A task running by a plan with a custom context will run with default context at times (TAC-15897)
  • TAC-16135 [7.3.1] Check whether log4j 2.x is used in TAC, maybe it could be excluded
  • TAC-16127 [7.3.1] Cannot see context in one of TAC in a cluster
  • TAC-16121 [7.3.1] TAC patch list does not manage continuation_token from nexus
  • TAC-16126 [7.3.1] An error FileNotFoundException occurs during deploy when a task enables "Use Latest Version"
  • TAC-15917 [7.3.1] Null Pointer exception while browsing through the tasks in Job Conductor Tab
  • TAC-15967 [7.3.1] edit user group which have user assigned will throw 500 error
  • TAC-15776 [7.3.1] Delete task/plan print details in business log regarding task/plan deleted
  • TAC-16148 [7.3.1] ExecutionPlan Page refresh has the 500 client error
  • TPS-5038 [7.3.1] TAC upgraded to TPS-4989 then startup too long time(TAC-15962)
  • TPS-5066 [7.3.1] Upper / Lower Panels in the ERROR RECOVERY MANAGEMENT page not "synchronized" (TAC-16065)
  • TPS-5088 [7.3.1] CVE-2021-42392 - Disable Remote H2 Console Access (TAC-16214)
  • TAC-16140 [7.3.1] Changed to the applicationType from null to JOB for EP after cross migration
  • TAC-16060 [7.3.1] Execution log is not immediately displayed though task has finished running
  • TAC-15823 [7.3.1] Default context is not changed though removed from later version
  • TAC-15513 [7.3.1] "scheduler.conf.retryRestartTaskWhenConnectionServerFailed" to be used by Tasks in Execution Plans (#1577)
  • TAC-16232 [7.3.1] liquibase database migration error message
  • TPS-5106 [7.3.1] TAC's DB issue when deploying ESB Tasks after patch (TAC-16277)
  • TPS-5109 [7.3.1] Cannot update a task when task name and plan name are the same (TAC-16249)
  • TPS-5100 [7.3.1] Metaservlet 'removeServerProjectAuthorization' failed with 'Cannot commit transaction (TAC-16245)
  • TPS-5121 [7.3.1] After applying TPS-5025 Customer is facing "String index out of range: -1" for MetaServlet runTask with empty context {} (TAC-16246)
  • TAC-16202 [7.3.1] Too many segment logs when debug threshold is set in technical logs
  • TAC-16347 [7.3.1] 'could not execute statement' In the migrationLog file when migration Mysql/MSSQL to Postgre
  • TAC-16198 [7.3.1] TAC task duration is at least 10 seconds greater than job duration
  • TAC-16284 [7.3.1] No errors thrown on all migration Operations
  • TPS-5146 [7.3.1] Update TAC dependency to replace log4j1 by reload4j (TAC-16339)
  • TAC-16440 [7.3.1] Cross migration failed with oracle to other database
  • TAC-16335 [7.3.1] Job running on Jobserver is killed unexpectedly
  • TAC-15946 [7.3.1] Use nexus-migration tool to initialize nexus3.35 failed
  • TAC-16442 [7.3.1] Cannot edit TAC projects with empty credential
  • TAC-16483 [7.3.1] Many liquibase error logs when startup TAC with H2
  • TAC-16304 [7.3.1] Customer doesn't see his admin users
  • TAC-16333 [7.3.1] Update default value for ldap connection timeout to 30s
  • TAC-16461 [7.3.1] User with Operation Manager role unable to see the previous execution logs
  • TAC-16516 [7.3.1] Use default value jobserver.useCache=true when having DB connection problem
  • TAC-16482 [7.3.1] The project is null on error message with associatePreGeneratedJob
  • TAC-16468 [7.3.1] Change in behavior for getTaskIdByName metaservlet call
  • TAC-16546 [7.3.1] Fix TAC name error in MetaServlet command help
  • TPS-5158 [7.3.1] jgit hangs/sleep in FS.FileStoreAttributeCache step on Git Project Connection checking (TAC-16400)
  • TPS-5161 [7.3.1] Change in behavior for getTaskIdByName metaservlet call (TAC-16468)
  • TPS-5159 [7.3.1] user can't be imported into TAC by 'Import users' with json file (TAC-13275)
  • TPS-5175 [7.3.1] Delayed task execution and task completion (TAC-16208)
  • TAC-16147 [7.3.1] TAC role don't sync when update tac role from sso
  • TAC-16547 [7.3.1] Cannot add AU role when using TP_ALL license
  • TAC-16494 [7.3.1] The trigger info on plan is lost
  • TAC-16370 [7.3.1] "DBException: task not found exception" when tasked deleted from metaservlet ->runTask and Jobconductor UI is still refreshing on it
  • TAC-16513 [7.3.1] TAC 731 - H2 DB to Oracle Migration not recognizing the License in the Oracle Database
  • TAC-16561 [7.3.1] Trigger name left ' is lost in File trigger
  • TAC-16327 [7.3.1] Migration failed on executionplanpartcontextprmsid column from mysql to postgresql executionplanpartcontextprmsid using Metaservelet-> migrateDatabase
  • TPS-5197 [7.3.1] Attribute:'svnid' not present while adding users in TAC using LDAP with SVN as storage(TAC-16555)
  • TAC-16610 [7.3.1] Find possibility to enable hibernate.generate_statistics in TAC hibernate
  • TAC-16626 [7.3.1] Metaservlet command "listUsers" doesn't show users ldap parameters
  • TAC-16598 [7.3.1] Metaservlet command failed for createSandboxProject
  • TAC-11822 [7.3.1] error / warning messages in TAC log should be more descriptive and meaningful
  • TAC-15771 [7.3.1] Generate a Personal Access Token from TAC metaservlet
  • TAC-16536 [7.3.1] cannot deploy and run normal task deployed as zip after jobserver reboot
  • TAC-16309 [7.3.1] When Set business log limit by: Time, it can happen that all business log files are deleted and no new file created
  • TPS-5169 [7.3.1] Stop & start features in ESBConductor are not working (TAC-16683)
  • TPS-5234 [7.3.1] CVE-2022-31648: SSOUtils.buildErrorPage doesn't escape the error message (TAC-16644)
  • TAC-16445 [7.3.1] TAC connection to Nexus behind proxy
  • TPS-5241 [7.3.1] Fix ConcurrentModificationException in RealtimeDataParser (TAC-16704)
  • TPS-5242 [7.3.1] missing realtime statistics from older executions (TAC-16695)
  • TAC-16738 [7.3.1] Transaction deadlocked with SQL Server
  • TAC-16801 [7.3.1] Notification isn't send for 'On user deletion' event when deleting user with metaservlet
  • TAC-16834 [7.3.1] Reset password: typo in error message
  • TAC-16554 [7.3.1] Add innodbstrictmode=OFF setting in DB config file
  • TAC-16743 [7.3.1] org.hibernate.HibernateException: Illegal attempt to associate a collection with two open sessions
  • TAC-16890 [7.3.1] Real time statistics is not shown anymore
  • TAC-16858 [7.3.1] Not all connection results are visible in real time statistics
  • TPS-5163 [7.3.1] TAC real time statistics do not work sometimes (TAC-16303)
  • TAC-16495 [7.3.1] TAC Execution Plan stuck in Status "Killing"
  • TAC-16703 [7.3.1] No error message when project is NPA and role is admin when login from SSO
  • TAC-16753 [7.3.1] The interaction between tds and scim takes more time than 721
  • TAC-16770 [7.3.1] Limit the number of patches on SoftwareUpdate page
  • TAC-16897 [7.3.1] Unable to display/update context parameter using API while publishing a new version of job
  • TAC-16913 [7.3.1] Migration hidden failure from V7.3.1 per JOBCONDUCTORMANAGMENT role from TPS-4088 to TPS-5066
  • TAC-16958 [7.3.1] New added context in jobconductor will disappears after running artifact task
  • TPS-5265 [7.3.1] Execution Plan Name not available in Triggered by Section in Job Conductor (TAC-16856)
  • TPS-5267 [7.3.1] Backport "TAC needs to capture the logging in business log when pausing / resuming Execution Plan (TAC-16820)
  • TAC-16621 [7.3.1] Add in Audit logs actions on Personal Tokens for TAC
  • TAC-16761 [7.3.1] use Long for execution task parameter id
  • TAC-16884 [7.3.1] Metaservlet: 'Cannot flush and commit transaction' when deleting ESB task
  • TAC-16909 [7.3.1] No token set error on TAC DB config page
  • TAC-16958 [7.3.1] New added context in jobconductor will disappears after running artifact task
  • TAC-16982 [7.3.1] Plan: delete parameter in plan, but it is still referenced in context parameter
  • TAC-17009 [7.3.1] The EP status should be interrupted when EP is not parallel execution
  • TAC-17021 [7.3.1] Create task failed when artifact with context (H2 db)
  • TAC-17026 [7.3.1] metaservlet help all for revokePersonalAccessTokenOfUser need update
  • TAC-17035 [7.3.1] Rollback does not work when EP is killed by timeout
  • TPS-5298 [7.3.1] The job always keep "running" when stop jobserver(TAC-16988)
  • TAC-17014 [7.3.1] Delete custom context parameter need a extra refresh to see parameter disappear
  • TAC-17057 [7.3.1] Contains the multiple repeat keys when export the config parameters
  • TPS-5332 [7.3.1] Facing issue in servers page of TAC when trying to edit the name in the label section (TAC-17044)
  • TPS-5325 [7.3.1] task status set to "Ended with Warning" and could not be triggered anymore (TAC-16790)
  • TAC-17076 [7.3.1] Migration faild from 72 to 73/801
  • TAC-17157 [7.3.1] Authorization Resource/Role assignments not properly refreshed
  • TPS-5343 [7.3.1] "use latest version" the latest artifact version is not always selected - continuation token (TAC-17158)
  • TAC-17176 [7.3.1] Master key encoded wrongly when running service in Japanese locale
  • TAC-17177 [7.3.1] "use latest version" is not the latest job for the job order in jfrog is not same as studio
  • TAC-17181 [7.3.1] migrateDatabase command Source=Oracle Target=PostgreSQL : creates empty tables in postgreSQL DB
  • TAC-17184 [7.3.1] Update context from default and custom save it will show error after deploy a new version.
  • TAC-17249 [7.3.1] job server high availability via virtual job server in case of failure does not work
  • TAC-17265 [7.3.1] Unable to create tasks with TPS-5329
  • TPS-5370 [7.3.1] Version: 500 The call failed on the server after apply the latest TAC patch (SqlServer with jtds driver)(TAC-17295)
  • TAC-17248 [7.3.1] Metaservlet migratedatabase action does not work between mysql and mssql
  • TAC-17304 [7.3.1] Old context parameter names not removed when updating task manually in TAC or using contextParamsRefresh=false with MetaServlet
  • TAC-17393 [7.3.1] Duplicate entry XXX for key 'executiontaskjobprm.PRIMARY'
  • TAC-17373 [7.3.1] Wrong unit for maxDurationBeforeCleaningOldJobs maxDurationBeforeCleaningOldExecutionsLogs, but doc showing days as unit
  • TAC-16989 [7.3.1] Update EP does not work
  • TPS-5374 [7.3.1] reset context parameter result in emply context (blank) with TPS-5343 if generatedJobs folder path is non canonical (TAC-17362)
  • TPS-5379 [7.3.1] job status stuck "running" if using postgres DB, and job generating "null" in job logs (TAC-17389)
  • TAC-17433 [7.3.1] Big data streaming Conductor could not list task entries
  • TAC-17474 [7.3.1] Big data streaming Conductor could not deploy and run
  • TPS-5391 [7.3.1] Talend jobs getting killed automatically in 7.3.1 (TAC-17432)
  • TPS-5394 [7.3.1] Task Status are not updating in TAC UI (TAC-17475)
  • TAC-17500 [7.3.1] Deadlock when reset task on jobserver timeout (Postgres Sql)
  • TPS-5362 [7.3.1] Integrate with authentication feature for JobServer's FileServer (TAC-17056)
  • TPS-5412 [7.3.1] Update jobserver client version for issue TPRUN-4892 and TPRUN-4898
  • TPS-5419 [7.3.1] Metaservlet not able to read context from Artifact (TAC-17525)

Security fixes

This patch includes the security fixes:

  • TPS-4255 [7.3.1] Security fix cross site script vulnerability in Project section (ulr field)(TAC-14300)
  • TPS-4698 [7.3.1] Stored Cross Site Scripting (XSS) (TAC-14821)
  • TAC-14921 [7.3.1] External library updates
  • TAC-14806 [7.3.1] TAC Web UI cookie contains version information
  • TAC-14167 [7.3.1] Fix OS commands injection issues
  • TAC-15110 [7.3.1] Security method SecurityUtils.isSafePath() doesn't work correctly on windows env
  • TAC-15259 [7.3.1] TAC vulnerability - "Auto-complete-enabled"
  • TAC-15032 [7.3.1] VULN ID - 53109575 - Insufficient Authentication
  • TAC-15026 [7.3.1] VULN ID - 53109573 - Session Fixation
  • TAC-15030 [7.3.1] VULN ID - 53109571 -Insufficient session expiration
  • TAC-15305 [7.3.1] Vulnerability is in a direct dependency XStream Core
  • TAC-15478 [7.3.1] Vulnerability found in json-smart lib
  • TAC-15517 [7.3.1] This vulnerability is in a direct dependency Maven Core was found
  • TAC-15589 [7.3.1] Vulnerability found in maven-compat lib
  • TAC-15242 [7.3.1] All remaining SQL Injection flaws
  • TAC-15085 [7.3.1] Hibernate SQL Injection vulnerability in Embedded H2 backup mechanism
  • TAC-15746 [7.3.1] This vulnerability is in a transitive dependency maven shared utils
  • TAC-15689 [7.3.1] Vulnerability found in commons-compress, apache shiro, jsoup Java html parser, xstream-core lib
  • TAC-15950 [7.3.1] Vulnerability in "forgot password" functionality in TAC
  • TAC-15992 [7.3.1] Forgot password should be executed for existing and not existing user for the same time
  • TAC-16076 [7.3.1] Log4j security Vulnerability - CVE-2021-44228 & CVE-2021-45046 in TAC
  • TAC-16133 [7.3.1] This vulnerability was found in version 2.1.6 of Apache XML Security for Java
  • TAC-16115 [7.3.1] TAC - Log4j2 CVE-2021-45105 DOS attack Fix - Version (2.17.0 update)
  • TAC-15298 [7.3.1] Talend - 01 - OTG-INFO-005 - Review Webpage Comments and Metadata for Information Leakage
  • TAC-16213 [7.3.1] Update H2 dependency to 2.0.206
  • TAC-16344 [7.3.1] Update H2 dependency to 2.1.210
  • TAC-16487 [7.3.1] Vulnerable library JDOM was found in org.talend.migration.artifactory/pom.xml
  • TAC-16486 [7.3.1] Vulnerable library Liquibase was found in org.talend.migration/pom.xml
  • TAC-16390 [7.3.1] CVE-2022-29943: Talend2 - 01 - XXE
  • TAC-16407 [7.3.1] CVE-2022-29942: Talend2 - 03 - SSRF
  • TAC-16485 [7.3.1] Remove the log4j 1.2.17 in nexus-signature-migration jar
  • TAC-16420 [7.3.1] Talend2 - 02 - Database authentication testing endpoint is not authenticated
  • TAC-16567 [7.3.1] CVE-2021-43859: Vulnerable library XStream Core 1.4.18
  • TAC-16568 [7.3.1] CVE-2020-36518: Vulnerable library jackson-databind 2.12.2
  • TAC-16624 [7.3.1] CVE-2022-23181: Vulnerable library tomcat-catalina 9.0.54
  • TAC-16644 [7.3.1] SSOUtils.buildErrorPage doesn't escape the error message
  • TAC-16668 [7.3.1] Update to Apache CXF 3.5.2 for TAC
  • TAC-16792 [7.3.1] Session creation is insecure
  • TAC-16794 [7.3.1] For cookie "dbadminsession" HttpOnly needs to be added
  • TAC-14807 [7.3.1] Fix possible SQL Injection issues
  • TAC-16977 [7.3.1] CVE-2022-32532: Update apache shiro to 1.9.1 version
  • TAC-16978 [7.3.1] CVE-2022-25647: Update Gson lib to version 2.9.0
  • TAC-16980 [7.3.1] CVE-2022-23221: Update Maven Core to version 3.8.6
  • TAC-16979 [7.3.1] CVE-2021-26291: Update H2 Database Engine to version 2.1.214
  • TAC-17017 [7.3.1] CVE-2022-33980: Update Apache Commons Configuration to version 2.8.0
  • TAC-16985 [7.3.1] Implement file path traversal guards
  • TAC-17227 [7.3.1] Remove default credentials to nexus and artifactory
  • TAC-17331 [7.3.1] CVE-2022-23437: Vulnerable lib Xerces 2.12.0 found in TAC
  • TAC-17330 [7.3.1] CVE-2022-40150: Vulnerable lib Jettison 1.4.0 found in TAC
  • TAC-17332 [7.3.1] CVE-2022-40664: Vulnerable lib shiro-web found in TAC
  • TAC-17354 [7.3.1] CVE-2022-42003: Vulnerable library jackson-databind was found in TAC
  • TAC-17340 [7.3.1] CVE-2022-42889: Update lib apache.commons-text
  • TAC-17424 [7.3.1] CVE-2022-25857: Vulnerability was found in library SnakeYAML version 1.26
  • TAC-17482 [7.3.1] CVE: commons-codec:commons-codec:1.11(to 1.15)
  • TAC-17483 [7.3.1] CVE: CVE-2022-36033 org.jsoup:jsoup:1.14.2 (to 1.15.3)
  • TAC-17354 [7.3.1] CVE-2022-42003: Vulnerable library jackson-databind was found in TAC (fixed in org.talend.migration.nexus)
  • TAC-17426 [7.3.1] CVE-2021-20293: Vulnerability was found in library RestEasy core version 4.5.10.Final
  • TAC-17541 [7.3.1] Update CXF library to version 3.5.2
  • TAC-17542 [7.3.1] CVE-2021-33813: Remove vulnerable jdom-1.1 from project
  • TAC-17546 [7.3.1] CVE-2019-7611: Vulnerability found old in org.elasticsearch:elasticsearch 2.4.3
  • TAC-17548 [7.3.1] CVE-2021-29425: Vulnerability found in commons-io version 2.6
  • TAC-17549 [7.3.1] Vulnerability found in org.json:org.json:20120509 and org.json:json:20140107
  • TAC-17543 [7.3.1] Update org.apache.jclouds:jclouds* to version 2.5.0
  • TAC-17553 [7.3.1] Update Pax URL Aether

Deprecated items

From TPS-4913, below features are deprecated:

  • Activity Monitoring Console(AMC)
  • Publisher
  • SVN for project storage

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!