R2025-09-RT (monthly release cumulative patch)
Info | Value |
---|---|
Patch Name | Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT |
Release Date | 2025-09-29 |
Target Version | 20250221_1200-8.0.1.R2025-02-RT |
Product affected | Talend ESB Runtime |
Introduction
This patch is cumulative. It includes the previous generally available patches from Talend ESB Runtime 8.0.1.R2025-02-RT.
NOTE:
- To download this patch, contact Talend Support.
- Keeping Studio and Talend Runtime versions in sync is highly recommended. Using unaligned versions is a risk.
Prerequisites
This patch must be installed on top of Talend ESB Runtime version 8.0.1.R2025-02-RT (Camel 4) or later. The installation on an older Talend ESB Runtime version will be rejected. More information about the installation of this version is available in the online documentation: https://help.talend.com/r/en-US/Cloud/installation-guide-linux/upgrading-runtime.
Installation
Depending on the product, {container}
is Talend-ESB-V8.0.1.R2025-02-RT/container/
or Talend-Runtime-V8.0.1.R2025-02-RT/
For all inserted properties:
- if property already present (commented or uncommented), won't insert
- if property not already present, will backup related file in dir
{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/backup/
and insert property
For all updated properties:
- if property commented or not already present, won't update
- if property already present, will backup related file in dir
{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/backup/
and update property
If any change required, update value after patch execution.
Installation Steps
- Start Runtime Container
- Extract & replace the content of ZIP directory
container
into{container}
directory
Structure after extract & replace should be :
{container}
├───bin : existing dir
├───deploy : existing dir
├───etc : existing dir
├───...
├───patches : dir from current or previous patch
│ └───Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT
│ patch.bat
│ patch01.commands
│ patch02.commands
│ patch03.commands
│ patch.sh
│ talend-esb-patch-<version>.jar
│ logs/ : directory for logs installation
├───system : existing dir
│ ├───... : existing dir
├───...
Ensure username/password are right in
{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/patch.bat
or{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/patch.sh
... -u {username} -p {password} -f patch.commands ...
Execute
{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/patch.bat
or{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/patch.sh
- Ensure directory
{container}/patches/Patch_20250929_R2025-09_v1-RT-8.0.1.R2025-02-RT/logs
contains new log files :xxx-installation.log
: patch installation logs (one per restart)xxx-init.log
: state before patch installationxxx-installed.log
: state after patch installationPlease note that Routes using cMap (TDM feature) are not automatically restarted by the patch procedure. You will need to restart the Runtime Container for changes to take effect.
Warning: JRE 17.0.8 may refuse to open JAR or other ZIP files from Talend ESB Runtime or the patch
installer. They complain about invalid CEN headers. This is caused by an incompatibility with JARs and other ZIP
files created by commonly used Apache tools. It has been fixed with 17.0.9, and you need to upgrade
your JRE to 17.0.9 or later.
Notes
Bundle resolution errors and patch process duration
The updates are performed in 2 iterations. During the first iteration, bundle resolution errors might show up in the console and logs. This is expected, as the errors are resolved in the second (final) iteration. The total patch process takes several minutes and depends on the number and nature of patch updates, the deployments present in the Talend ESB Runtime, and the system's hardware. The patch bundle restarts automatically multiple times, one log file is created at each restart. The estimate of remaining patch time is currently disabled by default as it causes issues with cxf update.
R2025-09
Issues fixed in 2025-09
DPE
- DPE-550: Repair webconsole feature
- DPE-1315: Talend ESB 8.0.1 Camel 4: Update pax-web to 11.0.x
- DPE-1511: [Support][Talend Runtime] - Regression: cREST Component Returns XML as String Instead of JSON in Talend 8 Runtime
- DPE-1704: Add missing bundle in camel-aws-bedrock feature
- DPE-1753: Talend ESB 8.0.1 Camel 4: Security updates for 2025-09
- DPE-1802: Integrate JobServer version 8.0.2.202509221354patch for FIPS support
TDM
- QTDM-1331: [DSQL Map Editor] Unexpected result in a recursive map
- QTDM-1398: [DSQL Map] Unexpected result for Test Run for an Element of Unrolled/Split Entries with the same key
- QTDM-1421: Fail to parse cobol data with a structure containing Redefines_Choice without isPresent expressions
CVE fixed in 2025-09
CVE-2025-58057 netty 4.1.119.Final -> 4.1.127.Final CVE-2025-55163 netty 4.1.119.Final -> 4.1.127.Final CVE-2025-41242 spring 6.1.21 -> 6.2.10 CVE-2025-5115 jetty 12.0.23 -> 12.0.26 CVE-2025-58782 jackrabbit 2.20.17 -> 2.22.2 CVE-2025-48924 commons-lang3 2.17.0 -> 2.18.0 CVE-2025-7962 angus-mail 2.0.3 -> 2.0.4 CVE-2025-48976 commons-fileupload 1.5 -> 1.6.0 CVE-2025-53864 nimbus-jose-jwt 9.40 -> 10.4
Backported security fixes
CVE-2025-27636 camel-support 4.8.1.20250320 <- camel-support 4.8.5 CVE-2025-29891 camel-support 4.8.1.20250320 <- camel-support 4.8.5 CVE-2025-30177 camel-undertow 4.8.1.20250320 <- camel-undertow 4.8.6 CVE-2025-48795 cxf-core 4.1.0.2 <- cxf-core 4.1.1 CVE-2025-48913 cxf-rt-transports-jms 4.1.0.2 <- cxf-rt-transports-jms 4.1.3
R2025-08
Issues fixed in 2025-08
DPE
- DPE-240: CFG file doesn't mask passwords and other sensitive data
- DPE-1526: upgrade langchain4j for ai component.
- DPE-1528: Issue with <oneway> tRestRequest component
- DPE-1588: Talend ESB runtime: install reactor-core and reactive-streams by default
- DPE-1596: [Support][Talend Runtime] - ESB Runtime Server problem with Minio connection
- DPE-1628: cTextTemplate route failed to deploy to runtime
- DPE-1630: ClassCastException: class CacheManagerPersistenceConfiguration cannot be cast to DefaultPersistenceConfiguration
- DPE-1707: java.lang.ClassNotFoundException: org.apache.commons.lang.exception.NestableRuntimeException when SAM is checked on tRESTRequest
TDM
- QTDM-1407: Update TDM maplang libraries to new version 1.16.0
- QTDM-1316: Improve the behaviour when map output is recursive with csv representation
R2025-07
Issues fixed in 2025-07
DPE
- DPE-1350: [Support][Talend Runtime] - Java.lang.ClassNotFoundException: io.micrometer.observation.ObservationConvention cannot be found by org.apache.servicemix.bundles.spring-web_6.1.14.1
- DPE-1376: Issue with Camel 4 Salesforce option fallBackReplayId
- DPE-1481: TESB RT 8.0.1 Camel 4: CVE fixes for R2025-07
CVE fixed in 2025-07
CVE-2025-52999 hazelcast 5.4.0 -> 5.5.0 (embedded Jackson core 2.14.2 -> 2.17.2) CVE-2025-49146 postgresql jdbc driver 42.7.4 -> 42.7.7 CVE-2024-1233 disable camel-elytron (deprecated for removal by camel) CVE-2025-53689 jackrabbit 2.20.9 -> 2.20.17, 2.22.0 -> 2.22.1
R2025-06
Issues fixed in 2025-06
DPE
- DPE-1267: TESB RT 8.0.1 Camel 4: Add eclipse angus activation and mail to pre-installed bundles
- DPE-1268: CVE fixes for R2025-06
- DPE-1271: Fail to run deployed kar with cAzureServiceBus in runtime
TDM
- QTDM-494: Replace old expression language in Avro schemas with DSEL
- QTDM-561: [DSQL Map] JSONTokenerException occurs when doing a TestRun
- QTDM-1301: JSON sax reader does not parse recursive data
CVE fixed in 2025-06
CVE-2025-48734: commons-beanutils 1.9.4 → 1.11.0
R2025-05
Issues fixed in 2025-05
DPE
- DPE-795: Some features fail when trying to install them
- DPE-1043: Patch installation gets stuck if runtime contains spaces in path
- DPE-1160: TESB RT 8.0.1 Camel 4 - May 2025 security updates
- DPE-1138: Technical preview of decanter with upgrade to Jakarta EE 10
- DPE-1194: Missing classes for messaging components
TDM
- QTDM-1305: Update TDM maplang libraries to new version 1.15.0
CVE fixed in 2025-05
CVE-2025-46762: parquet-avro 1.15.1 -> 1.15.2
R2025-04
Issues fixed in 2025-04
DPE
- DPE-772: Talend ESB runtime 8.0.1 Camel 4: Check latest Camel and Karaf versions for updates to backport
- DPE-1036: Patch Process - Bundle refreshes during feature refreshes indefinitely block FeaturesServiceImpl
- DPE-1042: Circular dependency between tesb-security-common and talend-job-controller
TDM
- QTDM-489: Remove support for Database Representation (Phase 2)
- QTDM-93: Parser of the TDM expression language generates lot of errors
CVE fixed in 2025-04
CVE-2024-12369: wildfly-elytron 2.2.7.Final -> 2.2.10.Final CVE-2025-30065: parquet-avro 1.14.3 -> 1.15.1 CVE-2025-27427: artemis-server 2.37.0 -> 2.40.0 CVE-2025-30177: camel-undertow 4.8.1 -> 4.8.1.20250320 (backport of security fix from camel-undertow 4.8.6) CVE-2024-38821: servicemix spring-security 6.2.11 -> 6.2.71
R2025-03
Issues fixed in 2025-03
DPE
- DPE-818: Talend ESB runtime 8.0.1 Camel 4: Hardening of XACML registry resource identifiers provided via REST request
- DPE-852: Talend ESB 8.0.1 Camel 4 runtime: CVE-2025-27636: Backport fix to custom Camel 4.8.1
- DPE-873: Issue deploying Route with Camel azure-storage-queue in R2025-02-RT
- DPE-885: Talend ESB runtime 8.0.1 Camel 4: Update ActiveMQ to 6.1.6
TDM
- QTDM-121: [DSQL Map] Inconsistency between JSON and XML results on a decimal value
- QTDM-133: [DSQL Map] Avoid reporting the same error message twice
- QTDM-351: CSVSaxReader must accept root schema
- QTDM-382: Generate xsi namespace declaration no longer works for XML representation
- QTDM-375: The generated XML can be invalid when we use the option 'omit group map entry/key/value on output'
- QTDM-96: Remove support for JavaBean Representation (Phase 2)
- QTDM-450: COBOL Reader default choice strategy may hide Structure errors
- QTDM-413: [DSQL Map] Need functions getValueFromExternalMap and putValueToExternalMap
- QTDM-471: Update TDM maplang libraries to new version 1.14.0
CVE fixed in 2025-03
CVE-2025-27636, CVE-2025-29891: camel-support 4.8.1.20240820 -> 4.8.1.20250310 (backport of security fix from camel-support 4.8.5) CVE-2025-25247: felix-webconsole 5.0.8 -> 5.0.10 CVE-2025-2240: smallrye-fault-tolerance 6.4.0 -> 6.9.0
R2025-02
Issues fixed in 2025-02
DPE
- Upgrade to camel 4.8.1, java 17
TDM
- QTDM-85: TDM cMap component migration to Camel 4
- QTDM-257: Upgrade Hibernate to version depending on jakarta.xml.bind
- QTDM-255: Upgrade Saxon library to 12.5
- QTDM-285: Upgrade Saxon dependency from 9.9 to 12.5 in org.talend.transform.runtime.lib
- QTDM-290: Remove joda-time dependency from Database Representation
- QTDM-310: Add Map Group processing to XML Representation (output)
- QTDM-75: Add Map Group processing to XML Representation (input)
- QTDM-352: HashmapSaxReader must accept root schema
- QTDM-321: the value of odtEdiControl.txt is increasing when ISA13 is mapped
- QTDM-349: Hibernate version 6.x forces use of Java17. Move back to version 5
- QTDM-334: Format is wrong when show sample for map group structure and check 'omit group map entry/key/value on input'
For previous patches : see 2025-01 patch release notes