TPS-5614 (cumulative patch)
Info | Value |
---|---|
Patch Name | Patch_20241115_TPS-5614_v2-7.3.1 |
Release Date | 2024-11-15 |
Target Version | 20200219_1130-V7.3.1 |
Product affected | Talend Administration Center |
Introduction
This patch is cumulative. It includes all previous generally available patches for Talend Administration Center 7.3.1.
NOTE: To download this patch, liaise with your Support contact at Talend.
Prerequisites
Consider the following requirements for your system:
- Talend Administration Center 7.3.1 must be installed.
Installation
- Log in to TAC and switch to Configuration-> Software Update, then enter the correct values and save. Follow the procedure described in the documentation: https://help.talend.com/r/en-US/7.3/installation-guide-big-data-linux/config-update-repo
- Switch to Software update page, where the new patch will be listed. The patch can be downloaded from here into the nexus repository.
- Login to local Nexus, and download the patch file.
- Stop all TAC instances.
- Please backup your database (if you meet issues with new patch, you can change to old one with this backup)
- Create a patch directory (eg:
<Talend>
/TAC_Patch). - Unzip patch file you received from support into this directory, then unzip the org.talend.administrator.war file as org.talend.administrator folder. (Note: Please rename org.talend.administrator-7.3.1.war if your old TAC application folder has a different name. Set the same name as your old TAC application name.)
- Create a backup directory (eg:
<Talend>
/TAC_Backup). - Copy folder
<Tomcat>
/webapps/org.talend.administrator into the backup directory. DO NOT place org.talend.administrator backup folder into webapps directory. - In
<Tomcat>
/webapps/ directory, remove the previous org.talend.administrator folder, then copy the org.talend.administrator folder unzipped at step 6 and paste in the current directory. Restore TAC configuration by replacing
<Tomcat>
/webapps/org.talend.administrator/WEB-INF/classes/configuration.properties and quartz.properties with the same files that are stored in your backup directory.Note:
- Make sure that no other instances of TAC webapp are deployed into Tomcat's webapps folder. Make sure your TAC backup folder has NOT been stored in
<Tomcat>
/webapps folder. - Restore DB driver by copying driver to
<Tomcat>
/webapps/org.talend.administrator/WEB-INF/lib (available in backup directory<Talend>
/TAC_Backup). - If your TAC database is H2 db and embedded in TAC web folder (
<Tomcat>
/webapps/org.talend.administrator/WEB-INF/database by default), don't forget to restore H2 db by replacing this folder with the exact corresponding folder from your backup directory. - H2 version in this patch is updated due to security reasons. To migrate to new version of H2, please follow the documentation: https://help.talend.com/r/en-US/7.3/migration-upgrade-guide-big-data/upgrading-the-h2-database-after-changing-h2-driver-to-21210.
- If your TAC works with SSO, you should restore the IDP Metadata file (
<Tomcat>
/webapps/org.talend.administrator/WEB-INF/classes/IDPMetadata.xml) from your backup directory.
- Make sure that no other instances of TAC webapp are deployed into Tomcat's webapps folder. Make sure your TAC backup folder has NOT been stored in
Restart TAC.
Note:
- It's recommended to clear browser cache after TAC patch has been applied.
- New configurable parameter for Jobserver connection timeout:
jobserverClient.port.timeout
, please update the value in DB when you meet theSocketTimeoutException
error(unit is millisecond), SQL statement example:UPDATE configuration SET configuration.value = "8000" WHERE configuration.key = "jobserverClient.port.timeout";
; - Log4j CVE-2021-44228 & CVE-2021-45046 fixed on Patch_20211217_TPS-5025_v1: please rebuild the jobs with latest Studio patch.
- If the fix is in scope of TPS-4991 and you want to activate it, please set the following property as true in JVM:
org.talend.tac.esb.feature.install.error.refresh = true
; The default value is false, so if not needed it is not recommended to change it. - New LDAP connection timeout parameter:
ldap.config.timeout
. You can change it by editing the value of the ldap.config.timeout property in milliseconds in the database configuration table. - In case of patch rollback, only the backup database can be used
Repeat the above steps for each instance.
TPS-5614v2
Other issues fixed in TPS-5614v2
- QTAC-373 [7.3.1] TAC SSO Mapping Configuration not saved correctly
TPS-5614
CVEs fixed in TPS-5614
- QTAC-35 [7.3.1] CVE-2024-47561 org.apache.avro:avro 1.11.3
- QTAC-34 [7.3.1] CVE-2024-47554 Commons-Io:commons-Io 2.11.0 and 2.8.0
- QTAC-33 [7.3.1] CVE-2024-7254 com.google.protobuf:protobuf-java 4.27.3 and 2.5
- QTAC-61 [7.3.1] [security] SSRF via Configuration URLs
Other issues fixed in TPS-5614
- QTAC-93 [7.3.1] Improve Path Validation for log path
- QTAC-165 [7.3.1] Remove signature in the Job artifacts generated by 7.3 Studio
- QTAC-237 [7.3.1] LDAP query built from user-controlled sources
- QTAC-290 [7.3.1] Add time out config for connection on nexus/nexus3/Artifactory(default value is 30s)
TPS-5613
CVEs fixed in TPS-5613
- TAC-19852 [7.3.1] CVE-2024-28752: SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8
Other issues fixed in TPS-5613
- TAC-18872 [7.3.1] ERROR DatabaseInitializer - Update database schema for patch fail after restarting tomcat while using H2 DB
TPS-5609
CVEs fixed in TPS-5609
- TAC-19789 [7.3.1] CVE-2024-34750 org.apache.tomcat:tomcat-coyote 9.0.89
Other issues fixed in TPS-5609
- TAC-19646 [7.3.1] TAC support Azure Flexible Server
- TAC-19529 [7.3.1] logs does not download If Technical and Business log set path to root directory
- TAC-19735 [7.3.1] Fix the sending | deploying error when run task with virtualserver caused by same server hosts and ports
TPS-5608
Other issues fixed in TPS-5608
- TAC-17397 [7.3.1] Retry mechanism needed when "use latest version" is facing random nexus api failure 500: "Asset search returned no results"
- TAC-19026 [7.3.1] Change log level WARN to debug
- TAC-19593 [7.3.1] Download failed when the log path is not exist
- TAC-19617 [7.3.1] support both jobserver.log.retreiver.deprecated=true and jobserver.log.retriever.deprecated=true
- TAC-19626 [7.3.1] TAC able to reuse Jobconductor generatedJobs cache to run task when Nexus down
- TAC-19668 [7.3.1] Path Validation for log path is too strict
- TAC-19585 [7.3.1] fix typo "DEBUG SSOUtils - Remove SSO initlizaiton info from TAC"
- TAC-19732 [7.3.1] Add cache to improve load properties file from job
- TAC-19729 [7.3.1] Fix the long sending and deploy status for the first run against virtual server
TPS-5607
CVEs fixed in TPS-5607
- TAC-19384 [7.3.1] Findings in: shiro-web:1.12.0
Other issues fixed in TPS-5607
- TAC-19405 [7.3.1] Undefined context variables printed when using tContextDump
- TAC-19586 [7.3.1] Improve validation of log path
- TAC-18907 [7.3.1] Remove the parameter of maxDurationsOnEmptyLog & maxDurationsOnIdlePlan
- TAC-19370 [7.3.1] Security issues Configuration page
- TAC-19429 [7.3.1] Context parameters in plan A are reset and impacted by deleting a different plan B
- TAC-19594 [7.3.1] Keep context parameter open delete plan by metaservlet and refresh context parameter will throw 500
- TAC-19614 [7.3.1] It should not limit tomcat patch as log path
- TAC-19512 [7.3.1] Trigger context fileName, filePath and folderPath not passed to the job when set more than two custom value empty
- TAC-19519 [7.3.1] TAC menu - Dynamic Links not responding to click
TPS-5548
CVEs fixed in TPS-5548
- TAC-19377 [7.3.1] xmlsec:2.2.3 | CVE-2023-44483
- TAC-19383 [7.3.1] tomcat-coyote:9.0.83 | CVE-2024-24549
Other issues fixed in TPS-5548
- TAC-19368 [7.3.1] Password available in clear text HTTPS responses
- TAC-19369 [7.3.1] Security issues with listConnection API
- TAC-19095 [7.3.1] Possible further improvement regarding handling Execution task state recovering failed
- TAC-19340 [7.3.1] Jobs stuck in requesting run state for more than 30+ mins
TPS-5546
CVEs fixed in TPS-5546
- TAC-19106 [7.3.1] commons-compress:1.21 | CVE-2024-26308
- TAC-19003 [7.3.1] commons-codec:1.11 | None
- TAC-19222 [7.3.1] Update Apache HttpClient to 4.5.13
Other issues fixed in TPS-5546
- TAC-19094 [7.3.1] value of context variable type=password provided as "Custom value" visible in technical.log when task launched using metaservlet.
- TAC-19039 [7.3.1] transfer libraries from nexus2 to nexus3 failed
- TAC-19074 [7.3.1] on the db config page click "Import parameters" button then appears "Driver is required to check connection"
- TAC-19162 [7.3.1] key rotation called in an infinite loop
- TAC-19207 [7.3.1] An error occured while downloading log. Failed to copy full contents
- TAC-15740 [7.3.1] Use SHA instead of MD5 when checking checksums
TPS-5545
CVEs fixed in TPS-5545
- TAC-19071 [7.3.1] CVE-2020-11979: Vulnerability reported by org.apache.ant:ant:1.9.12
Other issues fixed in TPS-5545
- TAC-19057 [7.3.1] the NULL value for jobscriptarchivefilename -> executiontask in Postgresql db causing NPE for task running
- TAC-19109 [7.3.1] Memory leak in TaskListenerRegister
- TAC-18862 [7.3.1] TAC Error occurred when Listening statistics on socket localhost: null"
- TAC-18958 [7.3.1] Support Nexus version 3.65
- TAC-19048 [7.3.1] TAC technical log flooded with messages ERROR GeneratedProcessHelper class
- TAC-18560 [7.3.1] Set WARN EncryptionHandler to debug level
- TAC-18937 [7.3.1] Red icon for LDAP "group title" when UseLDAPAuthentication = false
- TAC-18341 [7.3.1] improve TAC download logs feature (includes additional logs)
- TAC-19090 [7.3.1] Move to cloud splash screen points to an invalid community link
TPS-5544
CVEs fixed in TPS-5544
- TAC-19002 [7.3.1] Findings in: bcprov-jdk15on:1.70
- TAC-19013 [7.3.1] CVE-2023-26119: HtmlUnit Code Injection vulnerability
- TAC-19004 [7.3.1] Findings in: commons-collections:3.2.1
- TAC-19047 [7.3.1] tomcat-coyote:9.0.75 | CVE-2023-44487
Other issues fixed in TPS-5544
- TAC-17959 [7.3.1] Deploy tac throw The value can't be decrypted javax.crypto.BadPaddingException: pad block corrupted
- TAC-18785 [7.3.1] Under Settings->Configuration-> Software Update, 3 errors was shown in titile but only one "Unable to locate repository with the provided id (name)." was pointed out for user.
TPS-5543
CVEs fixed in TPS-5543
- TAC-18910 [7.3.1] CVE-2023-33265: Vulnerability reported by trivy com.hazelcast:hazelcast v.3.12.6
- TAC-18733 [7.3.1] CVE-2023-4759: Vulnerability reported by trivy org.eclipse.jgit:org.eclipse.jgit v.5.6.1.202002131546-r
- TAC-18740 [7.3.1] CVE-2021-22570: Vulnerability reported by trivy com.google.protobuf:protobuf-java v.2.5.0
Other issues fixed in TPS-5543
- TAC-18229 [7.3.1] Random issue: fields in configuration page become read-only
- TAC-18545 [7.3.1] Metaservlet command to stop execution plan
- TAC-18771 [7.3.1] Execution plan will always stay loading when more than one person resuming plans
- TAC-18782 [7.3.1] Improve logs and error message for some typical exception cases, and JobServer connection reliability
- TAC-18787 [7.3.1] "Real time statistics" dialog was still shown even the user logged out.
- TAC-18814 [7.3.1] Viewing exec log from JobConductor page uses more time and memory
- TAC-18845 [7.3.1] It is possible to create a PLAN that will stay running forever without any error returned
- TAC-18859 [7.3.1] The password to connect to TAC from studio should support special characters
- TAC-18705 [7.3.1] Remove the redundant buttons under LADP configuration
- TAC-18836 [7.3.1] Create executionId in TAC and pass it to jobserver
TPS-5492
CVEs fixed in TPS-5492
- TAC-18737 [7.3.1] CVE-2023-39410: Vulnerability reported by trivy org.apache.avro:avro v.1.10.2
- TAC-18736 [7.3.1] CVE-2023-44981: Vulnerability reported by trivy org.apache.zookeeper:zookeeper v.3.5.8
- TAC-18732 [7.3.1] CVE-2023-5072: Vulnerability reported by trivy org.json:json v.20230227
- TAC-18741 [7.3.1] CVE-2022-45868: Vulnerability reported by trivy com.h2database:h2 v.2.1.214
- TAC-18738 [7.3.1] CVE-2023-4586: Vulnerability reported by trivy io.netty:netty-handler v.4.1.84.Final
Other issues fixed in TPS-5492
- TAC-18520 [7.3.1] Trim value of 'Runtime server username'
- TAC-18570 [7.3.1] hide h2console URL from TAC>Configuration page
- TAC-18809 [7.3.1] realtime.cache.size specified in configuration.properties not taken into account
- TAC-18550 [7.3.1] Contexts will not decrypted or encrypted when default or original value is NULL
TPS-5491
CVEs fixed in TPS-5491
- TAC-18739 [7.3.1] CVE-2013-6235: Vulnerability reported by trivy com.jamonapi:jamon v.2.74
Other issues fixed in TPS-5491
- TAC-3292 [7.3.1] metaservlet methods for "project Reference" to be deprecated
- TAC-18718 [7.3.1] Job Conductor page not show tasks
- TAC-18535 [7.3.1] Stop TAC connecting to unused ESB Infrastructure Services
- TAC-18569 [7.3.1] misleading example in configuration.properties JobServerClient.conf.timeout=30000
- TAC-18520 [7.3.1] Trim value of 'Runtime server username'
TPS-5490
CVEs fixed in TPS-5490
- TAC-18597 [7.3.1] CVE-2023-34610: com.cedarsoftware:json-io vulnerability found by trivy
- TAC-16787 [7.3.1] java.lang.security.audit.crypto.ssl.defaulthttpclient-is-deprecated.defaulthttpclient-is-deprecated
- TAC-18600 [7.3.1] Update jaxws-ri to version 2.3.6
- TAC-18246 [7.3.1] guava:30.0-jre | CVE-2020-8908
- TAC-18599 [7.3.1] Check whether Apache Directory jars can be replaced with api-all
Other issues fixed in TPS-5490
- TAC-18554 [7.3.1] NPE happen when LDAP firstName and lastName are empty
- TAC-18591 [7.3.1] No more user available with this license error
- TAC-18544 [7.3.1] when context.passwords.secured.only=true contexts not decrypted when default or original value is empty
- TAC-18346 [7.3.1] deploy error with virtual server : error 'Connection to server failed' occurred when 'Sending...'
- TAC-18433 [7.3.1] When execution is removed from scheduledJobManager basic and detailed status are not updated
- TAC-18596 [7.3.1] Redundant dependency opencsv-1.8_patched found in TAC
- TAC-18569 [7.3.1] misleading example in configuration.properties JobServerClient.conf.timeout=30000
TPS-5489
CVEs fixed in TPS-5489
- TAC-18416 [7.3.1] Findings in: shiro-web:1.10.0
Other issues fixed in TPS-5489
- TAC-18170 [7.3.1] Import same execution plan twice will throw NPE error
- TAC-18456 [7.3.1] Connection to server failed error even though logs are complete
- TAC-18463 [7.3.1] For Git project name with dot character ('.') project folder name is truncated in org.talend.administrator_git
- TAC-18467 [7.3.1] TAC Job Conductor - Statistic is showing as Removed
- TAC-18471 [7.3.1] XSS issue when deleting User Groups
- TAC-17875 [7.3.1] TAC new log retriever sub-optimal with some workloads
- TAC-18262 [7.3.1] output less redundant debug logs to make it easier to check customer's issues in logs
- TAC-18437 [7.3.1] Add/Delete task in EP with trigger tasks list will show empty
- TAC-18483 [7.3.1] Check and remove sensitive information from local storage
- TAC-18486 [7.3.1] TAC shows Runtime Down if Host name has trailing space characters.
- TAC-18517 [7.3.1] the QRTZ tables are missing after installing TAC 8 in Oracle DB
TPS-5488
CVEs fixed in TPS-5488
- TAC-18366 [7.3.1] CVE-2020-11971 org.apache.camel:camel-core 2.24.2
Other issues fixed in TPS-5488
- TAC-18296 [7.3.1] TAC 7.3 to 8 Error: Not correct logs when migration
- TAC-17774 [7.3.1] TAC Error : Warning "Checking Connection" for Git while adding projects
- TAC-18359 [7.3.1] Add the context parameter for saveEsbTask & updateEsbTask commands
- TAC-18342 [7.3.1] TAC UI bug in virtual server page
- TAC-18360 [7.3.1] Make the configuration for plan recovery mechanism separate from task recovery
- TAC-18247 [7.3.1] TAC software update page gives "Unexpected HTTP status '503'"
- TAC-18381 [7.3.1] Enable TAC's SMTP Debug option.
- TAC-11347 [7.3.1] Add deleting tasks from execution plan to the business log
- TAC-18456 [7.3.1] Connection to server failed error even though logs are complete
TPS-5487
CVEs fixed in TPS-5487
- TAC-18204 [7.3.1] org.apache.tomcat:tomcat-coyote:9.0.75
- TAC-18286 [7.3.1] Findings in: snappy-java:1.1.1.3
Other issues fixed in TPS-5487
- TAC-17617 [7.3.1] better handling of taskexecutionhistory content
- TAC-17799 [7.3.1] Investigate the failure of cross migration from mysql to other db
- TAC-18186 [7.3.1] Empty custom context does not reflect on TAC, uses original value instead.
- TAC-18230 [7.3.1] Recovery for execution plan doesn`t work properly when plan idquartzjob is different from plan id
- TAC-18270 [7.3.1] Issue with MetaServlet's "deleteUserGroupById" command.
- TAC-18250 [7.3.1] processing stopped after multi selecting "resume tasks" in UI
- TAC-12486 [7.3.1] Strange URL addon after starting TAC
- TAC-18214 [7.3.1] Unknown JavascriptException seen in Browser's console
- TAC-18236 [7.3.1] After applying Patch20230421TPS-5461_v1-8.0.1 customer is not able to connect to there JFrog Artifactory anymore and are seeing the "Timeout occurs while retrieving this parameter for URL:" message
- TAC-18247 [7.3.1] TAC software update page gives "Unexpected HTTP status '503'"
- TAC-18331 [7.3.1] Long latency (15 min) execution under virtual server node even though the Jobserver are graded with five starts under low load
TPS-5460
CVEs fixed in TPS-5460
- TAC-18104 [7.3.1] Vulnerability found in com.google.guava:guava:11.0.2 | CVE-2018-10237
- TAC-18090 [7.3.1] CVE: org.apache.tomcat:tomcat-catalina:9.0.69
- TAC-18128 [7.3.1] Vulnerabilities found in commons-cli 1.2
- TAC-18127 [7.3.1] Vulnerability found in jfreechart 1.0.13 | CVE-2007-6306
- TAC-18106 [7.3.1] CVE-2021-41973 : Vulnerability found in org.apache.mina:mina-core:2.1.3
- TAC-18107 [7.3.1] Vulnerability found in org.eclipse.jetty:jetty-server:9.4.48.v20220622 | CVE-2023-26048
- TAC-17871 [7.3.1] Jobs are stuck in "Running" Status for long period
Other issues fixed in TPS-5460
- TAC-17702 [7.3.1] Support Ubuntu 22.04 as a TAC OS
- TAC-17739 [7.3.1] TAC Support for MS SQL Server 2022
- TAC-17945 [7.3.1] Jobconductor display last execution log is slow.
- TAC-18097 [7.3.1] The column name 'processingstate' is specified more than once in the SET clause or column list of an INSERT
- TAC-18129 [7.3.1] Jobs triggered by execution plan cron triggers throws NPE
- TAC-17982 [7.3.1] Issues found for On unavailable Job server with virtual server
- TAC-18025 [7.3.1] Use attached dump file to migrate from postgres to oracle failed in 731 latest patch
- TAC-18078 [7.3.1] unable to properly use a custom schema with a postgres non default database
- TAC-18159 [7.3.1] Delete a task which is set in rollback in executionplan will throw Operation failed: !!!Cannot flush and commit transaction.!!!
TPS-5459
CVEs fixed in TPS-5459
- TAC-17948 [7.3.1] json-smart:2.4.6 | CVE-2023-1370
- TAC-17974 [7.3.1] org.codehaus.jettison: jettison:1.5.3
Other issues fixed in TPS-5459
- TAC-17917 [7.3.1] Nexus Arctifact list is being truncated in TAC
- TAC-17997 [7.3.1] License is not showing MDM named users count
- TAC-17861 [7.3.1] Zip file missing in job-conductor when calling an artifact task
- TAC-17618 [7.3.1] debug messages in TAC : DEBUG Segment
- TAC-18003 [7.3.1] The issue of removeServerProjectAuthorization | createServerProjectAuthorization
- TAC-17921 [7.3.1] Job execution recovery behavior is same amont each 'On unavailable Job server' settings
- TAC-17933 [7.3.1] Unauthorised Access to Users Feature
- TAC-17876 [7.3.1] updateDesStoragePeriodForLogFiles::TAC team failed error
- TAC-17976 [7.3.1] User list cache should be clear in notification page when users lose user access role
TPS-5458
CVEs fixed in TPS-5458
- TAC-17641 [7.3.1] CVE-2022-1471: snakeyaml:1.33
- TAC-17664 [7.3.1] CVE-2022-45787: apache-mime4j-storage:0.8.3
- TAC-17773 [7.3.1] CVE-2022-45688: Json:20220320
- TAC-17793 [7.3.1] maven-core:3.8.6
- TAC-17810 [7.3.1] CVE-2023-24998: commons-fileupload:1.4
- TAC-17824 [7.3.1] CVE: org.apache.tomcat:tomcat-catalina:9.0.68
- TAC-17834 [7.3.1] CVE-2021-28170: jakarta.el:3.0.3
Other issues fixed in TPS-5458
- TAC-17633 [7.3.1] Errors "can't connect to the zookeeper server" in TAC 7.3.1 even not used ESB
- TAC-17698 [7.3.1] Unable to migrate TAC's DB and no visible error.
- TAC-16466 [7.3.1] custom role for execution plan access
- TAC-17626 [7.3.1] TAC artifactory path validation incomplete
- TAC-17796 [7.3.1] resumePlan/pausePlan by MetaServlet for FileTrigger does not work
- TAC-17766 [7.3.1] 721 migration to latest 731 patch failed.
- TAC-17855 [7.3.1] Custom value for password type context parameter will be written to database in plain text when run a plan
- TAC-17637 [7.3.1] maxDurationBeforeCleaningOldJobs and maxDurationBeforeCleaningOldExecutionsLogs in configuration table the description should be days
- TAC-16763 [7.3.1] modify a NPA user which has not roles will fail with 'Save failed: NoSuchElementException'
- TAC-17821 [7.3.1] migration failed from 711 to 731 with oracle
- TAC-17277 [7.3.1] "use latest version" : the latest artifact version is not always selected- Jfrog
- TAC-17758 [7.3.1] Check whether exe/dll files needed for TAC
- TAC-17862 [7.3.1] Jobs executed using Chron trigger throws Cannot retrieve bean error
- TAC-17885 [7.3.1] Some tasks are killed when a value except 0 is set to "scheduler.conf.resetTaskStatus.maxDurationsOnEmptyLog"
- TAC-16377 [7.3.1] Server-Project authorization is not checked when deploy job is launched
- TAC-17916 [7.3.1] TAC Webapp cannot logon to TAC DB MS SQL Server when database.password contains special characters
- TAC-17278 [7.3.1] TAC support for FIPS (Federal Information Processing Standard)
- TAC-17763 [7.3.1] Support for PostgreSQL 15
- TAC-17876 [7.3.1] updateDesStoragePeriodForLogFiles::TAC team failed error
- TAC-17933 [7.3.1] Unauthorised Access to Users Feature
- TAC-17938 [7.3.1] "On unavailable jobserver" with "Restart task" does not work on virtual server
- TAC-17976 [7.3.1] User list cache should be clear in notification page when users lose user access role
TPS-5427
Issues fixed in TPS-5427
- TAC-17714 [7.3.1] Task end date and task duration details are not updated in TAC if we manually kill any job
- TAC-17600 [7.3.1] error 500 when selecting artifact in repository from job conductor
- TAC-17681 [7.3.1] Error and warn messages when execution plans are executed even they ran without any issues.
- TAC-17398 [7.3.1] Generated job not found after migration
- TAC-17572 [7.3.1] taskexecutionhistory table size and TAC start time
TPS-5425
CVEs fixed in TPS-5425
- TAC-17544 [7.3.1] Update ehcache version for hibernate in TAC
- TAC-17596 [7.3.1] CVE-2022-45693: Vulnerable lib Jettison 1.5.1 found in TAC
- TAC-17594 [7.3.1] CVE-2022-40152: com.fasterxml.woodstox:woodstox-core:6.2.7
- TAC-17599 [7.3.1] CVE-2022-42252: Vulnerable lib tomcat-coyote 9.0.58 found in TAC
- TAC-17699 [7.3.1] CVE-2021-44832: Log4j2 CVE appeared again after jcloud was updated
- TAC-17591 [7.3.1] CVE-2022-1471: Vulnerability was found in library SnakeYAML version 1.32
Other issues fixed in TPS-5425
- TAC-17608 [7.3.1] Metaservlet TAC database migration from Postgres to SQL Server is not working
- TAC-17645 [7.3.1] AWS sso created new user could not be updated from TAC UI
- TAC-17668 [7.3.1] Some tasks are killed even though "scheduler.conf.resetTaskStatus.maxDurationsOnEmptyLog" set to 0
- TAC-17602 [7.3.1] Task Status Mismatch Issue
- TAC-17371 [7.3.1] fewer business logs compared to 7.2.1
- TAC-17499 [7.3.1] TAC slowness in requesting run and deploying
- TAC-16293 [7.3.1] TAC will hang up if a task with a specific job enabling Statistics on the task is running
TPS-5423
CVEs fixed in TPS-5423
- TAC-17558 [7.3.1] Update CXF library to version 3.5.5
- TAC-17489 [7.3.1] CVE: CVE-2022-40154 com.thoughtworks.xstream:xstream:1.4.19(to 1.4.20)
- TAC-17598 [7.3.1] CVE-2022-3171: Vulnerable lib Protocol Buffers 3.6.1 found in TAC
Other issues fixed in TPS-5423
- TAC-17353 [7.3.1] Issue adding a new LDAP user in TAC
- TAC-17555 [7.3.1] Add a description into TAC cumulative patch Release Note
- TAC-17560 [7.3.1] "Storage period for generated Jobs" is not working.
- TAC-17569 [7.3.1] Add index for some table in MSSQL, Postgre, Oracle
- TPS-5421 [7.3.1] Update CXF library to version 3.5.5 (TAC-17558)
- TPS-5423 [7.3.1] Cumulative Patch - 20230106
Fixed issues
This patch is cumulative and contains the following fixes:
- TPS-3836 [7.3.1] LDAPs connection failure on TAC configuration page,LDAP user can not login(TAC-14109)
- TPS-3977 [7.3.1] Not possible to assign authorizations beyond 127 projects in TAC. (TAC-14177)
- TPS-4016 [7.3.1] After migrate from 6.4.1 to 7.3.1,login 7.3.1 TAC failed(TAC-14196)
- TPS-4088 [7.3.1] Studio doesn't fetch Use SSL for remote jobserver from TAC(TAC-14085)
- TPS-4100 [7.3.1] SaveESBTask command fails with error {"returnCode": 1} on metaservlet while publishing route.(TAC-14301)
- TPS-4075 [7.3.1] TAC is not response, when modified the project description then clicked save (TAC-14269)
- TPS-4119 [7.3.1] content of boolean Variables in TAC with capital letters (TAC-14283)
- TPS-4122 [7.3.1] Not possible to assign authorizations beyond 127 projects in TAC for usergroup users (TAC-14315)
- TPS-4171 [7.3.1] Cross migration doesn't work (TAC-13970)
- TPS-4148 [7.3.1] Issue with context list during Task creation not showing all contexts (TAC-13776)
- TPS-4168 [7.3.1] tRestClient - base64 - metaServlet : Input byte array has wrong 4-byte ending unit (TAC-14339)
- TPS-4174 [7.3.1] taskexecutionhistory table cleaning is not triggered automatically for a specific TAC DB(TAC-14375)
- TPS-4203 [7.3.1] org.talend.administrator.common.exception.DBException: !!!Cannot flush and commit transaction.!!! (TAC-13204)
- TPS-4214 [7.3.1] Cannot upgrade the TAC DB 6.1.1 to TAC DB 7.3.1 (TAC-14400)
- TPS-4251 [7.3.1] After migration from 6.4->7.3.1(MSSQL), metaservlet command listTasks returns NullPointerException.(TAC-14403)
- TPS-4127 [7.3.1] The realtime statistics of a job run in TAC are visible in real time statistics page with a delay (TAC-14308)
- TPS-4313 [7.3.1] "Read" user can commit changes to git server (TAC-14485)
- TPS-4345 [7.3.1] Context issue with double-quotes in custom value if the original value is enclosed in double quotes (TESB-28908)
- TPS-4258 [7.3.1] Users page goes blank after removing some columns from the view (TAC-14457)
- TPS-4288 [7.3.1] TAC login is case sensitive for regular and LDAP users (TAC-14230)
- TPS-4315 [7.3.1] TAC is not sending out notifications when task fails or user is created (TAC-14274)
- TPS-4350 [7.3.1] TAC is hanging when modify project description field or any other fields in TAC project (TAC-14565)
- TPS-4376 [7.3.1] TAC begins to hang / frozen (TAC-14369)
- TPS-4451 [7.3.1] "associatePreGeneratedJob" response time issue (TAC-14660)
- TPS-4395 [7.3.1] libraries migrations : error with filename containing whitespace (TAC-11721)
- TPS-4406 [7.3.1] Nexus 3 with "nexus-context-path=/nexus" is not functioning (TAC-14509)
- TPS-4423 [7.3.1] Context Parameters are reset during updateTask using MetaServlet (TAC-14656)
- TPS-4463 [7.3.1] 401 Authentication credentials were missing or incorrect
- TPS-4474 [7.3.1] Context variables in TAC not updated after re-importing from Nexus(TAC-14695)
- TPS-4492 [7.3.1] DB migration issue with TAC in 7.3.1(TAC-14496)
- TPS-4508 [7.3.1] Restart job option does not work when it is configured in TAC (TAC-14726)
- TPS-4528 [7.3.1] Swap of original values and custom value in TAC (TESB-31017)
- TPS-4451 [7.3.1] "associatePreGeneratedJob" response time issue (TAC-14660) (fix version 2)
- TPS-4537 [7.3.1] Retrieve Virtual Servers from TAC to Studio (TAC-14742)
- TPS-4540 [7.3.1] Metaservlet Create tag via metaservlet not working when branch not whitelisted (TAC-14782)
- TPS-4545 [7.3.1] [ESB conductor] can't create task with snapshots version (TESB-31136)
- TPS-4576 [7.3.1] Update studio certificates for signing of Job zip (TAC-14816)
- TPS-4557 [7.3.1] Setting "Use https (SSL/TLS)" Parameter via TAC Metaservlet API (TAC-14813)
- TPS-4579 [7.3.1] JVM Parameters Issue in 7.3 TAC (TAC-14823)
- TPS-4594 [7.3.1] Error happened while reading contexts from the source file!!!,"returnCode":5 (TAC-14841)
- TPS-4588 [7.3.1] The Console logs in TAC is not visible after applying the patch Latest 7.3 TAC Patch (TAC-14840)
- TPS-4619 [7.3.1] Job Conductor page UI issues (TAC-14853)
- TPS-4634 [7.3.1] there is not the notification email received when the task failed (TAC-14783)
- TPS-4665 [7.3.1] Artifactory - Not able to select context in ESB conductor(TESB-31816)
- TPS-4660 [7.3.1] Catalina log is filing up with lot of debugs(TAC-14901)
- TPS-4662 [7.3.1] TAC-DB migration problem 6.4 to 7.3 (oracle 12c to 19c)(TAC-14920)
- TPS-4658 [7.3.1] TAC7.3.1 when adding artefact through normal task, issue with context variable type (TAC-14864)
- TPS-4690 [7.3.1] Smtp fails with TLS error on 7.3(TAC-14892)
- TAC-14737 [7.3.1] Github Renaming the default branch from master
- TPS-4750 [7.3.1] Contexts of ESB Task not updated when ESB Task is updated with new artifact version (TESB-32442)
- TPS-4745 [7.3.1] Trigger context fileName, filePath and folderPath not passed to the job (TAC-15017)
- TPS-4749 [7.3.1] Able to see/run tasks in projects not having authorization when only using custom roles (TAC-15038)
- TAC-14549 [7.3.1] Metaservlet: cannot delete project without authorization
- TAC-13187 [7.3.1] Can't send email notifications when running Java11
- TESB-28187 [7.3.1] SaveEsbTask metaservlet command does not set context as active.
- TAC-14218 [7.3.1] "/nexus" is hardcoded in NexusBrowserBusiness.class.
- TESB-29552 [7.3.1] TAC: StringIndexOutOfBoundsException when creating ESB Conductor Tasks
- TAC-14039 [7.3.1] Intermittent issue of StringIndexOutOfBoundsException for TaskExecutionHistoryLogge
- TAC-14391 [7.3.1] TAC: Option to remove "Rights Management" from 'Administrative Use' role
- TAC-14634 [7.3.1] Metaservlet "associatePreGeneratedJob" API is taking Default as context group
- TAC-14766 [7.3.1] TAC(MariaDB 10.1) -> Timeline page throws error after installing patch TPS-4322
- TAC-14860 [7.3.1] Metaservlet call to createUserGroup fails with {"returnCode":5}
- TAC-13817 [7.3.1] Support Cache-Control attributes (No-store, No-cache)
- TAC-13761 [7.3.1] Tooo long time to complete the Job server status check
- TAC-14670 [7.3.1] TAC resiliency issue with statistics port
- TAC-14896 [7.3.1] TAC Errors after installing TAC Patch20201218TPS-4556_v2
- TAC-14968 [7.3.1] TAC-ESB is not able to deploy routes / nor displays runtimes
- TAC-14960 [7.3.1] Failed to deploy artifacts: Could not find artifact error when trying to publish jobs
- TPS-4626 [7.3.1] Viewer role do not have access to view Execution logs under Job conductor(TAC-14796)
- TPS-4724 [7.3.1] Roles for download an artifact from Nexus in TAC Job Conductor view (TAC-14316)
- TAC-15097 [7.3.1] project does not show in UI after executing CreateProject metaservlet command
- TAC-15054 [7.3.1] Execute update project by MetaServlet failed with {"returnCode":1}
- TAC-15124 [7.3.1] metaservlet listTrigger fails
- TAC-14924 [7.3.1] Displaying order is not consistent at Job Conductor screen
- TAC-14229 [7.3.1] Add functionality to display the actual TAC version to know the installed PATCH
- TAC-14811 [7.3.1] Zero byte job execution log issue on TAC
- TAC-14964 [7.3.1] Jobs stuck in RUNNING status (recovery mechanism for tasks and plans)
- TPS-4659 [7.3.1] the pause button on trigger does not work perfectly (TAC-14871)
- TPS-4689 [7.3.1] Cannot reach SVN server(TAC-14843)
- TPS-4765 [7.3.1] Metaservlet associatePreGeneratedJob error: This job doesn't have context: 'Default' (TAC-15086)
- TAC-15219 [7.3.1] not able to migrate MSSQL database from 6.1.1 to 7.3.1 (TAC-14697)
- TAC-15128 [7.3.1] TAC - GIT configuration
- TAC-14666 [7.3.1] TAC migration failed with h2 DB
- TAC-14973 [7.3.1] Execution Plans fails with status: INTERRUPTED, RUNNINGERROR, PLANLAUNCHED, RUNNINGERROR and ENDEDWITH_WARNING (fixed interrupted plan status issue
- TAC-15165 [7.3.1] select nexus job should display "Select artifact from Nexus" when if I use nexus as my artifactory repository type
- TAC-15265 [7.3.1] TAC / JOB CONDUCTOR : Error: Connection to server failed when deploying a job - jobserverClient.port.timeout (default timeout increased to 5 seconds)
- TPS-4784 [7.3.1] ERROR TalendRemoteServiceServlet - Expected to find an object with property ['items'] in path $ but found 'java.lang.String' (TAC-15016)
- TPS-4785 [7.3.1] OutofMemory issue caused by RemoteDataRetreiver - Java heap space (TAC-14970)
- TPS-4786 [7.3.1] job conductor error : History for task 'undefined' when an artifact is changed from an artifact task (TAC-15158)
- TPS-4796 [7.3.1] "Save failed: No more DP (2) user available with this license" when updating an existing DP user. (TAC-15009)
- TPS-4800 [7.3.1] The metaservlet 'updatetask' action does not update the new context variable of a new version of job in TAC (TAC-15037)
- TPS-4813 [7.3.1] Add group field in Nexus Artifact selection to avoid search list can not be retrieved (TAC-13164)
- TAC-15127 [7.3.1] The response for createTrigger metaservlet is not as expected when task id doesn't exist
- TAC-15235 [7.3.1] ImportExecutionPlan command for Metaservlet not working in TAC
- TAC-14108 [7.3.1] Need a RELIABLE way to identify if 2 or more TAC instances (not clusters) are using one DB schema
- TAC-15257 [7.3.1] Not able to save edited plan after added
- TAC-14939 [7.3.1] Provide a mechanism to collect the information about TPS patch installed on customer
- TAC-14898 [7.3.1] Pop for cloud migration in TAC upon login
- TAC-15307 [7.3.1] Newly added execution plan can't be displayed on UI if there is no task
- TAC-15204 [7.3.1] RCA for TAC blank page / stuck at license check
- TAC-14674 [7.3.1] download patch failed when use artifacotry for talend-updates
- TAC-15214 [7.3.1] Correct metaServlet documentation
- TAC-15244 [7.3.1] If "Use Latest Version" checkbox is checked when saving an Artifact Task with JFrog Artifactory 6.10.9, an exception is encountered
- TAC-15255 [7.3.1] The status icon is always spinning for LDAP configuration
- TAC-15322 [7.3.1] Sort on "Time left before next triggering" failed with error on oracle 12c
- TAC-15133 [7.3.1] Root task status is not as same as before when killed due to timeout for plan
- TAC-15378 [7.3.1] "nullpointer exception" in the TAC page : PROJECT AUTHORIZATIONS
- TAC-14735 [7.3.1] audit of users who are updating contexts from TAC
- TAC-15398 [7.3.1] NPE on 7.3.1 when select sort on next trigger time on JobConductor
- TPS-4853 [7.3.1] Checking connection' warning after adding GIT project (TAC-15090)
- TPS-4857 [7.3.1] Incorrect EP status when tasks fails during EP run with parallel execution and Cron trigger (TAC-15362)
- TPS-4870 [7.3.1] Request patch for issue Authorization page can't retrieve user from IAM(TAC-15403)
- TAC-15403 [7.3.1] Authorization page can't retrieve user from IAM
- TAC-15394 [7.3.1] Customized processMessagePort not reflecting in TAC UI
- TAC-15439 [7.3.1] Delete user failed for custom role is disabled.
- TAC-14240 [7.3.1] Metaservlet API listUsers : Add field to show if user logged in, similar to UI securityadmin users list
- TAC-11581 [7.3.1] Customer would like to be able to limit accress more granularly and create new roles
- TAC-14615 [7.3.1] Role with job conductor author + job conductor view can modify the triggers
- TAC-14681 [7.3.1] TAC Role Granularity - role where user can RUN and VIEW jobs, but cannot create trigger.
- TAC-13816 [7.3.1] Support for HTTP Strict Transport Security (HSTS) in TAC
- TAC-15427 [7.3.1] H2 DB migration failed from 721 to 731
- TPS-4866 [7.3.1] Cannot migrate the TAC DB from H2 to MySQL in 7.3.1 (TAC-15372)
- TPS-4881 [7.3.1] issue with the update of the password page when French language is chosen (TAC-15466)
- TAC-15332 [7.3.1] after TAC restart, one particular job can't be triggered (fixed NPE-s)
- TAC-15492 [7.3.1] Migrated datatypes don't match the non-migrated datatypes
- TAC-15524 [7.3.1] Click on "Recipients" will show error !!!Cannot flush and commit transaction.!!!
- TPS-4860 [7.3.1] MetaServlet command "requestDeployEsbTask" causes "All bundles are not active" even though all bundles are active in Runtime (APPINT-33143)
- TPS-4886 [7.3.1] Context variables in TAC 7.3.1 not updated after re-importing task from nexus (TAC-15426)
- TPS-4898 [7.3.1] Task not changing to "Ready to deploy" state in Job Conductor (TAC-15379)
- TPS-4900 [7.3.1] TAC throws NotificationExec NPE and fails sending task-failure notification mail (TAC-15461)
- TAC-15240 [7.3.1] Remove truncated "digests" of AWS credentials
- TAC-15456 [7.3.1] Update the parameter 'contextparamsrefresh' to 'contextParamsRefresh' for metaservlet 'updatetask' action
- TPS-4905 [7.3.1] .cfg file doesn't contain all the info (TAC-15541)
- TPS-4907 [7.3.1] "failed to lazily initialize a collection of role: org.talend.model.conductor.ExecutionVirtualServer.executionServers" (TAC-15565)
- TAC-15314 [7.3.1] Need assistance on siteminder configuration for customer
- TAC-15361 [7.3.1] unable to use TLS 1.2 only smtp server with JDK 8_292 and TAC
- TAC-14449 [7.3.1] Support of auth with Tokens in TAC
- TAC-15627 [7.3.1] TAC patch install notes regarding schema migration with liquibase
- TAC-15566 [7.3.1] TAC goes to hang state, problem is in LOCKS on the "dbo.taskexecutionhistory" table
- TAC-15388 [7.3.1] Exhausted DB connections from DB pool
- TAC-15343 [7.3.1] job conductor slow to open / display execution logs
- TPS-4913 [7.3.1] Artifact task stuck in TASK_LAUNCHED status (TAC-15518)
- TPS-4966 [7.3.1] throw java.sql.SQLException: READ_COMMITTED and SERIALIZABLE when switching to executionhistory with oracle DB (TAC-15697)
- TAC-15648 [7.3.1] Task with 'Ready to run' status is converted back to 'Ready to deploy' when changing attribute
- TAC-15540 [7.3.1] Failed to migrate from 7.2.1, 7.1.1 to 7.3.1, 8.0.1 (MySql 8.x)
- TAC-15323 [7.3.1] Job getting deployed every time when Use latest version box checked
- TAC-15674 [7.3.1] Trigger does not work after migration sometimes
- TAC-13980 [7.3.1] After applying TPS-3642_v2 - Artifact task with latest version is not updating the latest version on running the job.
- TAC-15681 [7.3.1] Context is not loaded after checked 'Use Latest Version'
- TAC-15326 [7.3.1] job started twice by TAC
- TAC-15678 [7.3.1] Creating ESB Task causes "can't be found with the matching properties" error
- TAC-14603 [7.3.1] Add changes due to race condition item, in TPSVC-15569
- TAC-15438 [7.3.1] Changing License from Talend Integration to Talend Data Service Platform blocks all DI users
- TAC-15372 [7.3.1] Cannot migrate the TAC DB from H2 to MySQL in 7.3.1
- TAC-15796 [7.3.1] ERROR: Data truncation: Data too long for column 'value' at row 1
- TAC-15756 [7.3.1] TAC: a source error message and its JA equivalent need to be modified
- TAC-15810 [7.3.1] Artifact task using latest version is converted back to 'Ready to deploy' when changing attribute
- TAC-15767 [7.3.1] Clarify metaservlet commands for pause Triggers
- TAC-15820 [7.3.1] unable to deploy mutiple artifact tasks in job conductor
- TAC-15507 [7.3.1] Incorrect Error log - shows "in nexus" repository although "artifactory" is used
- TPS-4942 [7.3.1] TAC to support LDAP Groups(TAC-11690)
- TPS-4944 [7.3.1] Updating ESB Task doesn't update list of bundles in "Bundles" tab (TAC-15677)
- TPS-4954 [7.3.1] migration mssql from v6.5.1 to v7.3.1 failed(TAC-15713)
- TPS-4960 [7.3.1] Comprehensive Log is needed for TAC-14735 Audit Context change regarding the TASK/PLAN (TAC-15751)
- TPS-4977 [7.3.1] Print Saml Response to the log (TAC-15687)
- TPS-4984 [7.3.1] NullPointerException when save changes of artifact tasks's setting in job conductor (TAC-15798)
- TPS-4989 [7.3.1] ESB tasks are stuck in Deploying or Requesting_Undeploy status (TAC-15841)
- TPS-5021 [7.3.1] Hibernate initialize failed with TAC 7.3.1 after applying TPS-4989(TAC-15905)
- TAC-15954 [7.3.1] URL returned blank when adding administrator at the end of TAC url
- TAC-15899 [7.3.1] Error when undeploying ESB task
- TAC-15894 [7.3.1] Task status in execution details are always in running when job server host ip is unavailable
- TAC-15778 [7.3.1] Reset context for esb task and modify context for an artifact task the context in Execution task don't have audit logs for context
- TAC-16001 [7.3.1] Context parameters not displaying in TAC
- TAC-16022 [7.3.1] RemoteDataRetriver never shutdown for execution when jobserver is unreachable
- TAC-16092 [7.3.1] TAC-7.3.1 "Null Pointer Exception" on Project Authorizations tab.
- TPS-4991 [7.3.1] java.lang.ClassNotFoundException: javax.jms.Destination when deploying from TAC (TPRUN-2532)
- TPS-5014 [7.3.1] error accessing runtime page, via a reverse proxy (F5) (TAC-14907)
- TPS-5020 [7.3.1] migrate libraries : not all artifacts from org.talend.libraries are migrated from old to new nexus (TAC-15951)
- TPS-5025 [7.3.1] A task running by a plan with a custom context will run with default context at times (TAC-15897)
- TAC-16135 [7.3.1] Check whether log4j 2.x is used in TAC, maybe it could be excluded
- TAC-16127 [7.3.1] Cannot see context in one of TAC in a cluster
- TAC-16121 [7.3.1] TAC patch list does not manage continuation_token from nexus
- TAC-16126 [7.3.1] An error FileNotFoundException occurs during deploy when a task enables "Use Latest Version"
- TAC-15917 [7.3.1] Null Pointer exception while browsing through the tasks in Job Conductor Tab
- TAC-15967 [7.3.1] edit user group which have user assigned will throw 500 error
- TAC-15776 [7.3.1] Delete task/plan print details in business log regarding task/plan deleted
- TAC-16148 [7.3.1] ExecutionPlan Page refresh has the 500 client error
- TPS-5038 [7.3.1] TAC upgraded to TPS-4989 then startup too long time(TAC-15962)
- TPS-5066 [7.3.1] Upper / Lower Panels in the ERROR RECOVERY MANAGEMENT page not "synchronized" (TAC-16065)
- TPS-5088 [7.3.1] CVE-2021-42392 - Disable Remote H2 Console Access (TAC-16214)
- TAC-16140 [7.3.1] Changed to the applicationType from null to JOB for EP after cross migration
- TAC-16060 [7.3.1] Execution log is not immediately displayed though task has finished running
- TAC-15823 [7.3.1] Default context is not changed though removed from later version
- TAC-15513 [7.3.1] "scheduler.conf.retryRestartTaskWhenConnectionServerFailed" to be used by Tasks in Execution Plans (#1577)
- TAC-16232 [7.3.1] liquibase database migration error message
- TPS-5106 [7.3.1] TAC's DB issue when deploying ESB Tasks after patch (TAC-16277)
- TPS-5109 [7.3.1] Cannot update a task when task name and plan name are the same (TAC-16249)
- TPS-5100 [7.3.1] Metaservlet 'removeServerProjectAuthorization' failed with 'Cannot commit transaction (TAC-16245)
- TPS-5121 [7.3.1] After applying TPS-5025 Customer is facing "String index out of range: -1" for MetaServlet runTask with empty context {} (TAC-16246)
- TAC-16202 [7.3.1] Too many segment logs when debug threshold is set in technical logs
- TAC-16347 [7.3.1] 'could not execute statement' In the migrationLog file when migration Mysql/MSSQL to Postgre
- TAC-16198 [7.3.1] TAC task duration is at least 10 seconds greater than job duration
- TAC-16284 [7.3.1] No errors thrown on all migration Operations
- TPS-5146 [7.3.1] Update TAC dependency to replace log4j1 by reload4j (TAC-16339)
- TAC-16440 [7.3.1] Cross migration failed with oracle to other database
- TAC-16335 [7.3.1] Job running on Jobserver is killed unexpectedly
- TAC-15946 [7.3.1] Use nexus-migration tool to initialize nexus3.35 failed
- TAC-16442 [7.3.1] Cannot edit TAC projects with empty credential
- TAC-16483 [7.3.1] Many liquibase error logs when startup TAC with H2
- TAC-16304 [7.3.1] Customer doesn't see his admin users
- TAC-16333 [7.3.1] Update default value for ldap connection timeout to 30s
- TAC-16461 [7.3.1] User with Operation Manager role unable to see the previous execution logs
- TAC-16516 [7.3.1] Use default value jobserver.useCache=true when having DB connection problem
- TAC-16482 [7.3.1] The project is null on error message with associatePreGeneratedJob
- TAC-16468 [7.3.1] Change in behavior for getTaskIdByName metaservlet call
- TAC-16546 [7.3.1] Fix TAC name error in MetaServlet command help
- TPS-5158 [7.3.1] jgit hangs/sleep in FS.FileStoreAttributeCache step on Git Project Connection checking (TAC-16400)
- TPS-5161 [7.3.1] Change in behavior for getTaskIdByName metaservlet call (TAC-16468)
- TPS-5159 [7.3.1] user can't be imported into TAC by 'Import users' with json file (TAC-13275)
- TPS-5175 [7.3.1] Delayed task execution and task completion (TAC-16208)
- TAC-16147 [7.3.1] TAC role don't sync when update tac role from sso
- TAC-16547 [7.3.1] Cannot add AU role when using TP_ALL license
- TAC-16494 [7.3.1] The trigger info on plan is lost
- TAC-16370 [7.3.1] "DBException: task not found exception" when tasked deleted from metaservlet ->runTask and Jobconductor UI is still refreshing on it
- TAC-16513 [7.3.1] TAC 731 - H2 DB to Oracle Migration not recognizing the License in the Oracle Database
- TAC-16561 [7.3.1] Trigger name left ' is lost in File trigger
- TAC-16327 [7.3.1] Migration failed on executionplanpartcontextprmsid column from mysql to postgresql executionplanpartcontextprmsid using Metaservelet-> migrateDatabase
- TPS-5197 [7.3.1] Attribute:'svnid' not present while adding users in TAC using LDAP with SVN as storage(TAC-16555)
- TAC-16610 [7.3.1] Find possibility to enable hibernate.generate_statistics in TAC hibernate
- TAC-16626 [7.3.1] Metaservlet command "listUsers" doesn't show users ldap parameters
- TAC-16598 [7.3.1] Metaservlet command failed for createSandboxProject
- TAC-11822 [7.3.1] error / warning messages in TAC log should be more descriptive and meaningful
- TAC-15771 [7.3.1] Generate a Personal Access Token from TAC metaservlet
- TAC-16536 [7.3.1] cannot deploy and run normal task deployed as zip after jobserver reboot
- TAC-16309 [7.3.1] When Set business log limit by: Time, it can happen that all business log files are deleted and no new file created
- TPS-5169 [7.3.1] Stop & start features in ESBConductor are not working (TAC-16683)
- TPS-5234 [7.3.1] CVE-2022-31648: SSOUtils.buildErrorPage doesn't escape the error message (TAC-16644)
- TAC-16445 [7.3.1] TAC connection to Nexus behind proxy
- TPS-5241 [7.3.1] Fix ConcurrentModificationException in RealtimeDataParser (TAC-16704)
- TPS-5242 [7.3.1] missing realtime statistics from older executions (TAC-16695)
- TAC-16738 [7.3.1] Transaction deadlocked with SQL Server
- TAC-16801 [7.3.1] Notification isn't send for 'On user deletion' event when deleting user with metaservlet
- TAC-16834 [7.3.1] Reset password: typo in error message
- TAC-16554 [7.3.1] Add innodbstrictmode=OFF setting in DB config file
- TAC-16743 [7.3.1] org.hibernate.HibernateException: Illegal attempt to associate a collection with two open sessions
- TAC-16890 [7.3.1] Real time statistics is not shown anymore
- TAC-16858 [7.3.1] Not all connection results are visible in real time statistics
- TPS-5163 [7.3.1] TAC real time statistics do not work sometimes (TAC-16303)
- TAC-16495 [7.3.1] TAC Execution Plan stuck in Status "Killing"
- TAC-16703 [7.3.1] No error message when project is NPA and role is admin when login from SSO
- TAC-16753 [7.3.1] The interaction between tds and scim takes more time than 721
- TAC-16770 [7.3.1] Limit the number of patches on SoftwareUpdate page
- TAC-16897 [7.3.1] Unable to display/update context parameter using API while publishing a new version of job
- TAC-16913 [7.3.1] Migration hidden failure from V7.3.1 per JOBCONDUCTORMANAGMENT role from TPS-4088 to TPS-5066
- TAC-16958 [7.3.1] New added context in jobconductor will disappears after running artifact task
- TPS-5265 [7.3.1] Execution Plan Name not available in Triggered by Section in Job Conductor (TAC-16856)
- TPS-5267 [7.3.1] Backport "TAC needs to capture the logging in business log when pausing / resuming Execution Plan (TAC-16820)
- TAC-16621 [7.3.1] Add in Audit logs actions on Personal Tokens for TAC
- TAC-16761 [7.3.1] use Long for execution task parameter id
- TAC-16884 [7.3.1] Metaservlet: 'Cannot flush and commit transaction' when deleting ESB task
- TAC-16909 [7.3.1] No token set error on TAC DB config page
- TAC-16958 [7.3.1] New added context in jobconductor will disappears after running artifact task
- TAC-16982 [7.3.1] Plan: delete parameter in plan, but it is still referenced in context parameter
- TAC-17009 [7.3.1] The EP status should be interrupted when EP is not parallel execution
- TAC-17021 [7.3.1] Create task failed when artifact with context (H2 db)
- TAC-17026 [7.3.1] metaservlet help all for revokePersonalAccessTokenOfUser need update
- TAC-17035 [7.3.1] Rollback does not work when EP is killed by timeout
- TPS-5298 [7.3.1] The job always keep "running" when stop jobserver(TAC-16988)
- TAC-17014 [7.3.1] Delete custom context parameter need a extra refresh to see parameter disappear
- TAC-17057 [7.3.1] Contains the multiple repeat keys when export the config parameters
- TPS-5332 [7.3.1] Facing issue in servers page of TAC when trying to edit the name in the label section (TAC-17044)
- TPS-5325 [7.3.1] task status set to "Ended with Warning" and could not be triggered anymore (TAC-16790)
- TAC-17076 [7.3.1] Migration faild from 72 to 73/801
- TAC-17157 [7.3.1] Authorization Resource/Role assignments not properly refreshed
- TPS-5343 [7.3.1] "use latest version" the latest artifact version is not always selected - continuation token (TAC-17158)
- TAC-17176 [7.3.1] Master key encoded wrongly when running service in Japanese locale
- TAC-17177 [7.3.1] "use latest version" is not the latest job for the job order in jfrog is not same as studio
- TAC-17181 [7.3.1] migrateDatabase command Source=Oracle Target=PostgreSQL : creates empty tables in postgreSQL DB
- TAC-17184 [7.3.1] Update context from default and custom save it will show error after deploy a new version.
- TAC-17249 [7.3.1] job server high availability via virtual job server in case of failure does not work
- TAC-17265 [7.3.1] Unable to create tasks with TPS-5329
- TPS-5370 [7.3.1] Version: 500 The call failed on the server after apply the latest TAC patch (SqlServer with jtds driver)(TAC-17295)
- TAC-17248 [7.3.1] Metaservlet migratedatabase action does not work between mysql and mssql
- TAC-17304 [7.3.1] Old context parameter names not removed when updating task manually in TAC or using contextParamsRefresh=false with MetaServlet
- TAC-17393 [7.3.1] Duplicate entry XXX for key 'executiontaskjobprm.PRIMARY'
- TAC-17373 [7.3.1] Wrong unit for maxDurationBeforeCleaningOldJobs maxDurationBeforeCleaningOldExecutionsLogs, but doc showing days as unit
- TAC-16989 [7.3.1] Update EP does not work
- TPS-5374 [7.3.1] reset context parameter result in emply context (blank) with TPS-5343 if generatedJobs folder path is non canonical (TAC-17362)
- TPS-5379 [7.3.1] job status stuck "running" if using postgres DB, and job generating "null" in job logs (TAC-17389)
- TAC-17433 [7.3.1] Big data streaming Conductor could not list task entries
- TAC-17474 [7.3.1] Big data streaming Conductor could not deploy and run
- TPS-5391 [7.3.1] Talend jobs getting killed automatically in 7.3.1 (TAC-17432)
- TPS-5394 [7.3.1] Task Status are not updating in TAC UI (TAC-17475)
- TAC-17500 [7.3.1] Deadlock when reset task on jobserver timeout (Postgres Sql)
- TPS-5362 [7.3.1] Integrate with authentication feature for JobServer's FileServer (TAC-17056)
- TPS-5412 [7.3.1] Update jobserver client version for issue TPRUN-4892 and TPRUN-4898
- TPS-5419 [7.3.1] Metaservlet not able to read context from Artifact (TAC-17525)
Security fixes
This patch includes the security fixes:
- TPS-4255 [7.3.1] Security fix cross site script vulnerability in Project section (ulr field)(TAC-14300)
- TPS-4698 [7.3.1] Stored Cross Site Scripting (XSS) (TAC-14821)
- TAC-14921 [7.3.1] External library updates
- TAC-14806 [7.3.1] TAC Web UI cookie contains version information
- TAC-14167 [7.3.1] Fix OS commands injection issues
- TAC-15110 [7.3.1] Security method SecurityUtils.isSafePath() doesn't work correctly on windows env
- TAC-15259 [7.3.1] TAC vulnerability - "Auto-complete-enabled"
- TAC-15032 [7.3.1] VULN ID - 53109575 - Insufficient Authentication
- TAC-15026 [7.3.1] VULN ID - 53109573 - Session Fixation
- TAC-15030 [7.3.1] VULN ID - 53109571 -Insufficient session expiration
- TAC-15305 [7.3.1] Vulnerability is in a direct dependency XStream Core
- TAC-15478 [7.3.1] Vulnerability found in json-smart lib
- TAC-15517 [7.3.1] This vulnerability is in a direct dependency Maven Core was found
- TAC-15589 [7.3.1] Vulnerability found in maven-compat lib
- TAC-15242 [7.3.1] All remaining SQL Injection flaws
- TAC-15085 [7.3.1] Hibernate SQL Injection vulnerability in Embedded H2 backup mechanism
- TAC-15746 [7.3.1] This vulnerability is in a transitive dependency maven shared utils
- TAC-15689 [7.3.1] Vulnerability found in commons-compress, apache shiro, jsoup Java html parser, xstream-core lib
- TAC-15950 [7.3.1] Vulnerability in "forgot password" functionality in TAC
- TAC-15992 [7.3.1] Forgot password should be executed for existing and not existing user for the same time
- TAC-16076 [7.3.1] Log4j security Vulnerability - CVE-2021-44228 & CVE-2021-45046 in TAC
- TAC-16133 [7.3.1] This vulnerability was found in version 2.1.6 of Apache XML Security for Java
- TAC-16115 [7.3.1] TAC - Log4j2 CVE-2021-45105 DOS attack Fix - Version (2.17.0 update)
- TAC-15298 [7.3.1] Talend - 01 - OTG-INFO-005 - Review Webpage Comments and Metadata for Information Leakage
- TAC-16213 [7.3.1] Update H2 dependency to 2.0.206
- TAC-16344 [7.3.1] Update H2 dependency to 2.1.210
- TAC-16487 [7.3.1] Vulnerable library JDOM was found in org.talend.migration.artifactory/pom.xml
- TAC-16486 [7.3.1] Vulnerable library Liquibase was found in org.talend.migration/pom.xml
- TAC-16390 [7.3.1] CVE-2022-29943: Talend2 - 01 - XXE
- TAC-16407 [7.3.1] CVE-2022-29942: Talend2 - 03 - SSRF
- TAC-16485 [7.3.1] Remove the log4j 1.2.17 in nexus-signature-migration jar
- TAC-16420 [7.3.1] Talend2 - 02 - Database authentication testing endpoint is not authenticated
- TAC-16567 [7.3.1] CVE-2021-43859: Vulnerable library XStream Core 1.4.18
- TAC-16568 [7.3.1] CVE-2020-36518: Vulnerable library jackson-databind 2.12.2
- TAC-16624 [7.3.1] CVE-2022-23181: Vulnerable library tomcat-catalina 9.0.54
- TAC-16644 [7.3.1] SSOUtils.buildErrorPage doesn't escape the error message
- TAC-16668 [7.3.1] Update to Apache CXF 3.5.2 for TAC
- TAC-16792 [7.3.1] Session creation is insecure
- TAC-16794 [7.3.1] For cookie "dbadminsession" HttpOnly needs to be added
- TAC-14807 [7.3.1] Fix possible SQL Injection issues
- TAC-16977 [7.3.1] CVE-2022-32532: Update apache shiro to 1.9.1 version
- TAC-16978 [7.3.1] CVE-2022-25647: Update Gson lib to version 2.9.0
- TAC-16980 [7.3.1] CVE-2022-23221: Update Maven Core to version 3.8.6
- TAC-16979 [7.3.1] CVE-2021-26291: Update H2 Database Engine to version 2.1.214
- TAC-17017 [7.3.1] CVE-2022-33980: Update Apache Commons Configuration to version 2.8.0
- TAC-16985 [7.3.1] Implement file path traversal guards
- TAC-17227 [7.3.1] Remove default credentials to nexus and artifactory
- TAC-17331 [7.3.1] CVE-2022-23437: Vulnerable lib Xerces 2.12.0 found in TAC
- TAC-17330 [7.3.1] CVE-2022-40150: Vulnerable lib Jettison 1.4.0 found in TAC
- TAC-17332 [7.3.1] CVE-2022-40664: Vulnerable lib shiro-web found in TAC
- TAC-17354 [7.3.1] CVE-2022-42003: Vulnerable library jackson-databind was found in TAC
- TAC-17340 [7.3.1] CVE-2022-42889: Update lib apache.commons-text
- TAC-17424 [7.3.1] CVE-2022-25857: Vulnerability was found in library SnakeYAML version 1.26
- TAC-17482 [7.3.1] CVE: commons-codec:commons-codec:1.11(to 1.15)
- TAC-17483 [7.3.1] CVE: CVE-2022-36033 org.jsoup:jsoup:1.14.2 (to 1.15.3)
- TAC-17354 [7.3.1] CVE-2022-42003: Vulnerable library jackson-databind was found in TAC (fixed in org.talend.migration.nexus)
- TAC-17426 [7.3.1] CVE-2021-20293: Vulnerability was found in library RestEasy core version 4.5.10.Final
- TAC-17541 [7.3.1] Update CXF library to version 3.5.2
- TAC-17542 [7.3.1] CVE-2021-33813: Remove vulnerable jdom-1.1 from project
- TAC-17546 [7.3.1] CVE-2019-7611: Vulnerability found old in org.elasticsearch:elasticsearch 2.4.3
- TAC-17548 [7.3.1] CVE-2021-29425: Vulnerability found in commons-io version 2.6
- TAC-17549 [7.3.1] Vulnerability found in org.json:org.json:20120509 and org.json:json:20140107
- TAC-17543 [7.3.1] Update org.apache.jclouds:jclouds* to version 2.5.0
- TAC-17553 [7.3.1] Update Pax URL Aether
Deprecated items
From TPS-4913, below features are deprecated:
- Activity Monitoring Console(AMC)
- Publisher
- SVN for project storage