Skip to main content Skip to complementary content
Qlik Resources
Announcements
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal

Talend Remote Engine v2.14.1

Talend Remote Engine v2.14.1 is generally available.

Security enhancements

Issue Description
DPE-2376 Upgraded the following engine dependencies to address potential vulnerabilities:
  • Apache ActiveMQ Client: 5.19.1 to 5.19.2
  • Apache Commons Codec: 1.20.0 to 1.21.0
  • Apache Commons Text: 1.14.0 to 1.15.0
  • Apache CXF: 3.6.9 to 3.6.10
  • Apache HTTP Client 5: 5.5.1 to 5.6
  • Apache Karaf: 4.4.8 to 4.4.9
  • Apache Log4j: 2.24.3 to 2.25.3 (partial mitigation of CVE-2025-68161)
  • Jackson: 2.20.0 to 2.21.0
  • Spring: 6.2.14 to 6.2.16
  • OSHI: 6.8.3 to 6.9.3
  • AWS SDK: 2.40.0 to 2.41.32 (partial upgrade)
DPE-2224 Secured the Apache Karaf SSH password for Talend Remote Engine deployments from an archive.

For archive-based installations, the default Apache Karaf SSH password (tadmin) is now replaced with a randomly generated password on the first engine startup. The generated password is printed to the console during startup. If you did not save it, you can set a new password at any time. For instructions, see Changing the SSH password (Linux) or Changing the SSH password (Windows).
DPE-2480 Deactivated JMX in the Talend Remote Engine by default to reduce the attack surface.

To turn JMX back on, see Enabling JMX for Talend Remote Engine (Linux) or Enabling JMX for Talend Remote Engine (Windows).
DPE-2490 Encrypted the preauthorized key in the Talend Remote Engine preauthorized.key.cfg file.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here