TPS-5083 (cumulative patch) - 7.3

Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Talend Identity and Access Management
Last publication date

TPS-5083 (cumulative patch)

Info Value
Patch Name Patch_20220218_TPS-5083_v1
Release Date 2022-02-18
Target Verson 20220218_1-V7.3.1
Product affected LogServer


This patch is cumulative. It includes all previous generally available patches for Talend LogServer 7.3.1.

NOTE: For information on how to obtain this patch, reach out to your Support contact at Talend.

Fixed issues

This patch contains the following fixes:

  • TPS-5058: [7.3.1] Patch log4j CVE in LogServer
  • TPS-5083: [7.3.1] Updated log4j to 2.17.1


Consider the following requirements for your system:

  • Talend LogServer 7.3.1 must be installed.


  1. Stop LogServer
  2. Create a backup directory
    $ mkdir -p <backup_dir>
  3. Copy original elasticsearch-* and logstash-* folders to the backup directory
    $ cp -a <TALEND>/logserv/elasticsearch-* <backup_dir>
    $ cp -a <TALEND>/logserv/logstash-* <backup_dir>
  4. Remove vulnerable dependencies (for logstash-plugin please use .bat version on Windows, it may print warnings which can be ignored, as long as in the end it reports that the plugin removed successfully)
    $ rm -rf <TALEND>/logserv/elasticsearch-*/lib/log4j*.jar
    $ rm -rf <TALEND>/logserv/logstash-*/logstash-core/lib/jars/log4j*.jar
    $ rm -rf <TALEND>/logserv/elasticsearch-*/bin/elasticsearch-sql-cli*
    $ cd <TALEND>/logserv/logstash-*/
    $ bin/logstash-plugin remove logstash-input-graphite
    $ bin/logstash-plugin remove logstash-input-tcp
    $ rm -rf <TALEND>/logserv/logstash-*/vendor/bundle/jruby/2.5.0/gems/logstash-input-tcp-*
    $ rm -rf <TALEND>/logserv/logstash-*/vendor/bundle/jruby/2.5.0/gems/logstash-input-graphite-*
    $ rm -rf <TALEND>/logserv/logstash-*/vendor/bundle/jruby/2.5.0/specifications/logstash-input-tcp-*
    $ rm -rf <TALEND>/logserv/logstash-*/vendor/bundle/jruby/2.5.0/specifications/logstash-input-graphite-*
  5. Uzip the patch file in the root of LogServer
    $ cd <TALEND>/logserv
    $ unzip
    Note: if asked to override files please select yes/all
  6. Start LogServer


  1. Stop LogServer
  2. Remove patched directories and files
    $ rm -rf <TALEND>/logserv/elasticsearch-*/lib
    $ rm -rf <TALEND>/logserv/logstash-*/logstash-core/lib/jars
  3. Copy saved folders from the backup directory
    $ cp -rf <backup_dir>/elasticsearch-*/lib <TALEND>/logserv/elasticsearch-*/lib
    $ cp -rf <backup_dir>/logserv/logstash-*/logstash-core/lib/jars <TALEND>/logserv/logstash-*/logstash-core/lib/jars
  4. Start LogServer

Affected files for this patch

The following files are installed by this patch: - log4j-api.jar - log4j-core.jar - log4j-slf4j-impl.jar