R2025-08-RT (monthly release cumulative patch)

Introduction

This patch is cumulative. It includes the previous generally available patches from Talend ESB Runtime 8.0.1.R2025-02-RT.

NOTE:

• To download this patch, contact Talend Support.
• Keeping Studio and Talend Runtime versions in sync is highly recommended. Using unaligned versions is a risk.

Prerequisites

This patch must be installed on top of Talend ESB Runtime version 8.0.1.R2025-02-RT (Camel 4) or later. The installation on an older Talend ESB Runtime version will be rejected. More information about the installation of this version is available in the online documentation: https://help.talend.com/r/en-US/Cloud/installation-guide-linux/upgrading-runtime.

Installation

Depending on the product, {container} is Talend-ESB-V8.0.1.R2025-02-RT/container/ or Talend-Runtime-V8.0.1.R2025-02-RT/

For all inserted properties:

• if property already present (commented or uncommented), won't insert
• if property not already present, will backup related file in dir {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/backup/ and insert property

For all updated properties:

• if property commented or not already present, won't update
• if property already present, will backup related file in dir {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/backup/ and update property

If any change required, update value after patch execution.

Installation Steps

• Start Runtime Container
• Extract & replace the content of ZIP directory container into {container} directory

Structure after extract & replace should be :

{container}
├───bin     : existing dir
├───deploy  : existing dir
├───etc     : existing dir
├───...
├───patches : dir from current or previous patch
│   └───Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT
│           patch.bat
│           patch01.commands
│           patch02.commands
│           patch03.commands
│           patch.sh
│           talend-esb-patch-<version>.jar
│           logs/ : directory for logs installation
├───system  : existing dir
│   ├───... : existing dir
├───...

• Ensure username/password are right in {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/patch.bat or {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/patch.sh

  ... -u {username} -p {password} -f patch.commands ... 
  

• Execute {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/patch.bat or {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/patch.sh

• Ensure directory {container}/patches/Patch_20250829_R2025-08_v1-RT-8.0.1.R2025-02-RT/logs contains new log files :
  • xxx-installation.log: patch installation log
  • xxx-init.log: state before patch installation
  • xxx-installed.log: state after patch installation

    Please note that Routes using cMap (TDM feature) are not automatically restarted by the patch procedure.
    You will need to restart the Runtime Container for changes to take effect.
    

Warning: JRE 17.0.8 may refuse to open JAR or other ZIP files from Talend ESB Runtime or the patch
installer. They complain about invalid CEN headers. This is caused by an incompatibility with JARs and other ZIP
files created by commonly used Apache tools. It has been fixed with 17.0.9, and you need to upgrade
your JRE to 17.0.9 or later.

Notes

Bundle resolution errors and patch process duration

The updates are performed in three iterations. During the first and second iteration bundle resolution errors are showing up on the console and in the logs. This is expected, and these errors are resolved in the third iteration. The total patch process takes several minutes and depends on the number and nature of patch updates, the deployments present in the Talend ESB Runtime, and the system's hardware. At the beginning of the second and third iterations, you'll see a log message providing a rough estimate of the remaining time to complete the patch: The patch process is roughly estimated to complete within {} minute(s).

R2025-08

Issues fixed in 2025-08

DPE

• DPE-240: CFG file doesn't mask passwords and other sensitive data
• DPE-1526: upgrade langchain4j for ai component.
• DPE-1528: Issue with <oneway> tRestRequest component
• DPE-1588: Talend ESB runtime: install reactor-core and reactive-streams by default
• DPE-1596: [Support][Talend Runtime] - ESB Runtime Server problem with Minio connection
• DPE-1628: cTextTemplate route failed to deploy to runtime
• DPE-1630: ClassCastException: class CacheManagerPersistenceConfiguration cannot be cast to DefaultPersistenceConfiguration
• DPE-1707: java.lang.ClassNotFoundException: org.apache.commons.lang.exception.NestableRuntimeException when SAM is checked on tRESTRequest

TDM

• QTDM-1407: Update TDM maplang libraries to new version 1.16.0
• QTDM-1316: Improve the behaviour when map output is recursive with csv representation

R2025-07

Issues fixed in 2025-07

DPE

• DPE-1350: [Support][Talend Runtime] - Java.lang.ClassNotFoundException: io.micrometer.observation.ObservationConvention cannot be found by org.apache.servicemix.bundles.spring-web_6.1.14.1
• DPE-1376: Issue with Camel 4 Salesforce option fallBackReplayId
• DPE-1481: TESB RT 8.0.1 Camel 4: CVE fixes for R2025-07

CVE fixed in 2025-07

CVE-2025-52999 hazelcast 5.4.0 -> 5.5.0 (embedded Jackson core 2.14.2 -> 2.17.2) CVE-2025-49146 postgresql jdbc driver 42.7.4 -> 42.7.7 CVE-2024-1233 disable camel-elytron (deprecated for removal by camel) CVE-2025-53689 jackrabbit 2.20.9 -> 2.20.17, 2.22.0 -> 2.22.1

R2025-06

Issues fixed in 2025-06

DPE

• DPE-1267: TESB RT 8.0.1 Camel 4: Add eclipse angus activation and mail to pre-installed bundles
• DPE-1268: CVE fixes for R2025-06
• DPE-1271: Fail to run deployed kar with cAzureServiceBus in runtime

TDM

• QTDM-494: Replace old expression language in Avro schemas with DSEL
• QTDM-561: [DSQL Map] JSONTokenerException occurs when doing a TestRun
• QTDM-1301: JSON sax reader does not parse recursive data

CVE fixed in 2025-06

CVE-2025-48734: commons-beanutils 1.9.4 → 1.11.0

R2025-05

Issues fixed in 2025-05

DPE

• DPE-795: Some features fail when trying to install them
• DPE-1043: Patch installation gets stuck if runtime contains spaces in path
• DPE-1160: TESB RT 8.0.1 Camel 4 - May 2025 security updates
• DPE-1138: Technical preview of decanter with upgrade to Jakarta EE 10
• DPE-1194: Missing classes for messaging components

TDM

• QTDM-1305: Update TDM maplang libraries to new version 1.15.0

CVE fixed in 2025-05

CVE-2025-46762: parquet-avro 1.15.1 -> 1.15.2

R2025-04

Issues fixed in 2025-04

DPE

• DPE-772: Talend ESB runtime 8.0.1 Camel 4: Check latest Camel and Karaf versions for updates to backport
• DPE-1036: Patch Process - Bundle refreshes during feature refreshes indefinitely block FeaturesServiceImpl
• DPE-1042: Circular dependency between tesb-security-common and talend-job-controller

TDM

• QTDM-489: Remove support for Database Representation (Phase 2)
• QTDM-93: Parser of the TDM expression language generates lot of errors

CVE fixed in 2025-04

CVE-2024-12369: wildfly-elytron 2.2.7.Final -> 2.2.10.Final CVE-2025-30065: parquet-avro 1.14.3 -> 1.15.1 CVE-2025-27427: artemis-server 2.37.0 -> 2.40.0 CVE-2025-30177: camel-undertow 4.8.1 -> 4.8.1.20250320 (backport of security fix from camel-undertow 4.8.6) CVE-2024-38821: servicemix spring-security 6.2.11 -> 6.2.71

R2025-03

Issues fixed in 2025-03

DPE

• DPE-818: Talend ESB runtime 8.0.1 Camel 4: Hardening of XACML registry resource identifiers provided via REST request
• DPE-852: Talend ESB 8.0.1 Camel 4 runtime: CVE-2025-27636: Backport fix to custom Camel 4.8.1
• DPE-873: Issue deploying Route with Camel azure-storage-queue in R2025-02-RT
• DPE-885: Talend ESB runtime 8.0.1 Camel 4: Update ActiveMQ to 6.1.6

TDM

• QTDM-121: [DSQL Map] Inconsistency between JSON and XML results on a decimal value
• QTDM-133: [DSQL Map] Avoid reporting the same error message twice
• QTDM-351: CSVSaxReader must accept root schema
• QTDM-382: Generate xsi namespace declaration no longer works for XML representation
• QTDM-375: The generated XML can be invalid when we use the option 'omit group map entry/key/value on output'
• QTDM-96: Remove support for JavaBean Representation (Phase 2)
• QTDM-450: COBOL Reader default choice strategy may hide Structure errors
• QTDM-413: [DSQL Map] Need functions getValueFromExternalMap and putValueToExternalMap
• QTDM-471: Update TDM maplang libraries to new version 1.14.0

CVE fixed in 2025-03

CVE-2025-27636, CVE-2025-29891: camel-support 4.8.1.20240820 -> 4.8.1.20250310 (backport of security fix from camel-support 4.8.5) CVE-2025-25247: felix-webconsole 5.0.8 -> 5.0.10 CVE-2025-2240: smallrye-fault-tolerance 6.4.0 -> 6.9.0

R2025-02

Issues fixed in 2025-02

DPE

• Upgrade to camel 4.8.1, java 17

TDM

• QTDM-85: TDM cMap component migration to Camel 4
• QTDM-257: Upgrade Hibernate to version depending on jakarta.xml.bind
• QTDM-255: Upgrade Saxon library to 12.5
• QTDM-285: Upgrade Saxon dependency from 9.9 to 12.5 in org.talend.transform.runtime.lib
• QTDM-290: Remove joda-time dependency from Database Representation
• QTDM-310: Add Map Group processing to XML Representation (output)
• QTDM-75: Add Map Group processing to XML Representation (input)
• QTDM-352: HashmapSaxReader must accept root schema
• QTDM-321: the value of odtEdiControl.txt is increasing when ISA13 is mapped
• QTDM-349: Hibernate version 6.x forces use of Java17. Move back to version 5
• QTDM-334: Format is wrong when show sample for map group structure and check 'omit group map entry/key/value on input'

For previous patches : see 2025-01 patch release notes