Skip to main content Skip to complementary content

R2024-06-RT (monthly release cumulative patch)

Info Value
Patch Name Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT
Release Date 2024-06-21
Target Version 20240524_1200-8.0.1.R2024-05-RT
Product affected Talend ESB Runtime

Introduction

This patch is cumulative. It includes the previous generally available patches from Talend ESB Runtime 8.0.1.R2024-05-RT.

NOTE: To download this patch, contact Talend Support.

Prerequisites

Consider the following requirements for your system:

  • Talend ESB Runtime 8.0.1.R2024-05-RT must be installed. either as full build or by previously patching an older runtime with Patch-20240524_R2024-05_v1-RT-8.0.1.R2023-08-RT.zip. Installation of the present patch over an older Talend ESB runtime version is rejected. More information about the installation of this version is available in the online documentation: https://help.talend.com/r/en-US/Cloud/installation-guide-linux/upgrading-runtime.

  • Depending on the product, {container} is Talend-ESB-V8.0.1.R2024-05-RT/container/ or Talend-Runtime-V8.0.1.R2024-05-RT/

For all inserted properties:

  • if property already present (commented or uncommented), won't insert
  • if property not already present, will backup related file in dir {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/backup/ and insert property

For all updated properties:

  • if property commented or not already present, won't update
  • if property already present, will backup related file in dir {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/backup/ and update property

If any change required, update value after patch execution.

Installation

Container

  • Start Runtime Container
  • Extract & replace the content of ZIP directory container into {container} directory

Structure after extract & replace should be :

{container}
├───bin     : existing dir
├───deploy  : existing dir
├───etc     : existing dir
├───...
├───patches : dir from current or previous patch
│   └───Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT
│           patch.bat
│           patch01.commands
│           patch02.commands
│           patch03.commands
│           patch.sh
│           talend-esb-patch-<version>.jar
│           logs/ : directory for logs installation
├───system  : existing dir
│   ├───... : existing dir
├───...

  • Ensure username/password are right in {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/patch.bat or {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/patch.sh

    ... -u {username} -p {password} -f patch.commands ...

  • Execute {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/patch.bat or {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/patch.sh

  • Ensure directory {container}/patches/Patch_20240621_R2024-06_v1-RT-8.0.1.R2024-05-RT/logs contains new log files :
    • xxx-installation.log: patch installation log
    • xxx-init.log: state before patch installation
    • xxx-installed.log: state after patch installation 
      Please note that Routes using cMap (TDM feature) are not automatically restarted by the patch procedure.
You will need to restart the Runtime Container for changes to take effect.

Warning: JRE 11.0.20 or 17.0.8 may refuse to open JAR or other ZIP files from Talend ESB runtime or the patch
installer. They complain about invalid CEN headers. This is caused by an incompatibility with JARs and other ZIP
files created by commonly used Apache tools. It has been fixed with JRE 11.0.21 and 17.0.9, and you need to upgrade
your JRE to one of these or a newer version.

Warning: Some patches perform updates of the Bouncycastle libraries. This may lead to ssh connection errors
after patch when using Oracle jdk. A shutdown and restart of the Talend Runtime resolves the issue.

Notes

Bundle resolution errors

The updates are performed in three iterations. During the first and second iteration bundle resolution errors are showing up on the console and in the logs. This is expected, and these errors are resolved in the third iteration. The total patch process takes several minutes, but should not exceed 15 minutes depending on the number of features installed and the hardware.

R2024-06

Issues fixed in 2024-06

TPRUN

  • TPRUN-8231: Talend ESB runtime patching: Update feature file "specs" only if present
  • TPRUN-8280: CVE-2023-5685 - Update of xnio in Talend ESB runtime
  • TPRUN-8367: Talend ESB 8.0.1 RT - CVE-2024-37902 - update of djl api to 0.28.0

TDM

  • TDM-10763: The error when read copybooks in TDM
  • TDM-10856: NullPointerException using Flat Representation when log level is DEBUG
  • TDM-10878: When the “major” and “minor” attributes are added in tHMap the default namespace is not set in the generated XML
  • TDM-10896: install feature talend-data-mapper-eclipse on ESB runtime fails

CVE fixed in 2024-06

CVE-2023-5685 xnio 3.8.11.Final -> 3.8.14.Final CVE-2024-37902 ai.djl 0.21.0 -> 0.28.0

R2024-05

Issues fixed in 2024-05

TPRUN

  • TPRUN-7972: Unable to deploy Route which has SMB Protocol in Runtime
  • TPRUN-7514: Update of Talend ESB runtime Camel dependency to 3.20.9
  • TPRUN-7908: Fix apache transitive dependencies in tesb repo
  • TPRUN-8115: Integrate latest JobServer patch version 8.0.2.202405071504patch into ESB
  • TPRUN-8070: Feature dependency camel-google-storage/0.0.0 is not available
  • TPRUN-8138: Missing camel-zookeeper-master lib

TDM

  • TDM-9959: CSV writer doesnt generate default header
  • TDM-10554: Migrate DataFormatDateConverter from joda to java.time
  • TDM-10737: Update TDM maplang libraries to new version 1.12.0

CVE fixed in 2024-05

  • CVE-2024-28752 cxf 3.5.6 -> 3.5.8 (backport no longer required)
  • CVE-2024-22243 spring 5.2.24 -> 5.3.34 (syncope, full build only)
  • CVE-2022-22978 spring-security 5.3.13 -> 5.7.12 (syncope, full build only)
  • CVE-2023-20873 spring-boot 2.7.6 -> 2.7.18 (syncope, full build only)
  • CVE-2021-42575 owasp-java-html-sanitizer 20191001.1 -> 20211018.1 (syncope, full build only)
  • CVE-2022-46364 cxf 3.3.13 -> 3.5.8 (syncope, full build only)
  • CVE-2022-44729 batik-bridge 1.14 -> 1.31 (syncope, full build only)
  • CVE-2022-25857 snakeyaml 1.27 -> 1.33 (syncope, full build only)
  • CVE-2020-36518 ehcache 2.10.9.2 (embedded jackson-databind 2.11.1) removed (syncope, full build only)

For previous patches : see 2024-04 patch release notes

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here