Skip to main content Skip to complementary content

TPS-5520

Info Value
Patch Name Patch_20230721_TPS-5520_v1-8.0.1
Release Date 2023-07-21
Target Version 20211109_1610-V8.0.1
Product affected Talend SAP RFC Server

Introduction

This is a self-contained patch.

NOTE: For information on how to obtain this patch, reach out to your Support contact at Talend.

Fixed issues

This patch contains the following fixes:

  • TDI-46850 Upgrade ActiveMQ Jars (5.16.3)

  • TDI-46932 tSAPInput component parses TIMS Midnight as null when using dynamic schema

  • TDI-47241 CVE: log4j-api(core)-[2 - 2.15.0)

  • TDI-47325 Cannot create data source(SAP BW version 7.5)

  • TDI-47633 CVE: Replace log4j1.x by reload4j or upgrade to log4j2

  • TDI-47763 Assess Spring4Shell vulnerability

  • TDI-47861 CVE: tomcat-embed-core 9.0.30 have risk

  • TDI-47869 Authentication Bypass in Talend/tsap-rfc-server

  • TDI-47573 SAP RFC Server shouldn't be required when feature mode is mock

  • TDI-48107 CVE: gson-2.8.0.jar

  • TDI-48174 [CVE] : upgrade kafka-clients to 2.8.1

  • TDI-48471 Denial Of Service (DoS) in Talend/cloud-components (master)--snakeyaml 1.32

  • TDI-48726 Spring-beans: Denial Of Service (DoS) in Talend/tsap-rfc-server (master)---spring 5.3.23

  • TDI-48715 CVE-2022-42003,CVE-2022-42004, jackson-databind-2.13.2.2jar

  • TDI-48873 Upgrade slf4j to 1.7.34

  • TDI-48818 Kafka: Denial Of Service (DoS) in Talend/tsap-rfc-server, sap-api and cloud-components

  • TDI-48821 Apache common codec and Apache http client in Talend/talend-sap-api (master)

  • TDI-49303 Premium Data,commons-net:commons-net:(2.2,3.3,3.6,3.8.0)

  • TDI-49797 Access Restriction Bypass in Talend/tsap-rfc-server (master):org.springframework.boot:spring-boot-actuator-autoconfigure

  • TDI-50040 Security Bypass in Talend/tsap-rfc-server (master):spring-webmvc

Prerequisites

Consider the following requirements for your system:

  • Talend SAP RFC Server 8.0.1 must be installed. and work with Talend Studio 8.0.1 with patch "R2021-12" or newer

Installation

Installing the patch using Talend SAP RFC Server

  1. Stop the Talend SAP RFC Server
  2. Extract the zip.
  3. Overwrite the {sap rfc server home}/tsap-rfc-server-8.0.1.jar
  4. Adjust the new configuration in {sap rfc server home}/conf/tsap-rfc-server.properties, please refer to README.md file in the patch root folder.
  5. Restart the Talend SAP RFC Server

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!