ON THIS PAGE

DID THIS PAGE HELP YOU?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Full Installer Release 8.0.1-R2023-08-RT (monthly release cumulative patch) (monthly release cumulative patch)

Info	Value
Release Name	TalendRuntime-8.0.1-R2023-08-RT-linux-x64-installer and TalendRuntime-8.0.1-R2023-08-RT-windows-installer
Release Date	2023-08-28
Product affected	Talend ESB Runtime

Caution

This release differs from the previously released monthly patches. It contains a complete updated Talend ESB Runtime 8.0.1, with its installer. It is not meant to be installed as a patch but as a new ESB runtime installation. All services have to be redeployed on this new installation.

Introduction

This version update is cumulative. It includes the previous generally available patches from Talend ESB Runtime 8.0.1, as well as the original 8.0.1 ESB runtime setup. This release is a complete ESB runtime setup that would serve as a target version for future monthly patches. It requires a full reinstallation of the Talend Runtime and Studio, see On Prem upgrade guide or Cloud upgrade guide

NOTE: To download this patch, contact Talend Support.

Notes

R2023-08-RT

Issues fixed in 2023-08

TPRUN

TPRUN-3588: Camel version upgrade to 3.20.6 LTS
TPRUN-4800: Karaf version upgrade to 4.4.3
TPRUN-5093: CXF version upgrade to 3.5.6
TPRUN-5095: ActiveMQ version upgrade to 5.17.4
TPRUN-5105: Zookeeper version upgrade to 3.7.1
TPRUN-6482: Talend ESB runtime - remove obsolete Karaf features with security issues.

CVE fixed in 2023-08

CVE-2022-39368 californium 2.6.3 -> 2.7.4
CVE-2023-24998 commons-fileupload 1.4 -> 1.5
CVE-2020-17521 groovy2 2.4.4 -> 2.4.21
CVE-2022-25647 gson 2.8.7 -> 2.10.1
CVE-2023-2976, CVE-2020-8908, CVE-2018-10237 guava (19.0 - 31.0.1-jre) -> 32.1.1-jre
CVE-2023-33265 hazelcast 4.2.1 > 5.2.4
CVE-2020-13956 httpclient 4.5.13 -> 4.5.14
CVE-2023-33008 johnzon (1.2.14, 1.2.18) -> 1.2.21
CVE-2023-1370 json-smart 2.4.9 -> 2.4.10
CVE-2022-41946 postgresql-jdbc (42.2.8, 42.2.14) -> 42.6.0
CVE-2023-34455 snappy 1.1.7.3 -> 1.1.10.1
CVE-2023-34034 spring-security 5.6.9 -> 5.7.10
CVE-2023-32697 sqlite-jdbc 3.34.0 -> 3.42.0.0
CVE-2023-35887 sshd-osgi 2.9.2 -> 2.10.0
CVE-2022-42890, CVE-2022-41704 xmlgraphics-batik 1.14 -> 1.16
CVE-2023-33201 bcprov-jdk15on 1.69 -> 1.74

For previous patches : see 2023-07 patch release notes

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here