Mule Runtime 3.9.5 Release Notes

Initial Release: February 24, 2021

Mule Runtime 3.9.5 includes fixes and patch update releases.

February 2024

Patch release version: 3.9.5-20240122

This patch update addresses the following issues:

Description Issue

An XML transformation error no longer occurs when using the M-Dmule.xstream.allowlist flag.

W-14417598

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

September 2023

What’s New

This release includes security updates.

Patch 3.9.5-20230823

Patch release version: 3.9.5-20230823

This patch update addresses the following issues:

Description Issue

This release includes important security enhancements and fixes.

W-13916544

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

August 2023

Patch release version: 3.9.5-20230726

This patch update addresses the following issues:

Description Issue

SnakeYAML is upgraded to version 2.0.

W-13506775

Hazelcast is upgraded to version 3.12.13.

W-13741059

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

May 2023

Patch release version: 3.9.5-20230424

This patch update addresses the following issues:

Description Issue

This release fixes runtime generated usage metrics.

W-12981071

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

April 2023

Patch release version: 3.9.5-20230330

This patch update addresses the following issues:

Description Issue

Mule runtime engine no longer fails to load the driver when there is a connection pool for a database.

W-12436154

Identity file passphrase is logged in error messages.

W-12450302

Mule runtime engine 3.9.5 versions now start on macOS with versions where the patch version is omitted.

W-12623414

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

March 2023

Patch release version: 3.9.5-20230217

This patch update addresses the following issues:

Description Issue

This release updates the version of json-schema-validator to be compatible with the version of jackson-databind.

W-11577522

Upgraded com.googlecode.libphonenumber from 8.0.0 to 8.11.1.

W-13161611

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

January 2023

Patch release version: 3.9.5-20221212

This patch update addresses the following issues:

Description Issue

Brackets ([ ]) no longer appear around error messages. This change fixes an issue introduced in Mule 3.9.1.

W-11494657

The expressions cache is no longer the source of a null pointer exception (NPE) during the evaluation of an MVEL expression.

W-11494657

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

October 2022

Patch release version: 3.9.5-20220920

This patch update addresses the following issues:

Description Issue

Internal improvements and library upgrades.

W-11741243

There is no DataWeave update for this version this month.

For guidance with the patching process, see Apply Patch Updates.

July 2022

Patch release version: 3.9.5-20220623

This patch update addresses the following issues:

Description Issue

Jackson upgraded to 2.13.3.

W-11139348

For guidance with the patching process, see Apply Patch Updates.

May 2022

Patch release version: 3.9.5-20220421

This patch update addresses the following issues:

Description Issue

APIKit now provides the ability to disable encoding detection.

W-10867010

Removed private logger with unexpected data formatting from the mule_ee.log file.

W-10967100

For guidance with the patching process, see Apply Patch Updates.

March 2022

Patch release version: 3.9.5-20220222

This patch update addresses the following issues:

Description Issue

Error responses now return in the correct format, in quotes instead of square brackets.

W-10660160 / SE-24398

For guidance with the patching process, see Apply Patch Updates.

February 2022

Patch release version: 3.9.5-20220127

This patch update addresses the following issues:

Description Issue

A race condition, which caused an incorrect schema validation, no longer occurs when deploying multiple applications in parallel.

MULE-20024/SE-22842

The CXF interceptor no longer adds an extra xml tag to some HTTP responses.

MULE-20043/SE-23853

Mule 3.8 and Mule 3.9 now behave the same when setting variables and their associated MIME type..

MULE-19814/SE-22635

HTTP requests that contain an encoded double slash in the URI parameter no longer cause a No listener found error.

MULE-19933/SE-22967

Adoptium Temurin JDK is now a recommended JDK vendor.

MULE-19917/SE-23354

Removing an application that is in stopped state no longer prevents redeploying that application.

MULE-19890/SE-22261

CXF components no longer throw exceptions when a mule-xml transformer is set after a CXF proxy with WS:Security.

MULE-19889/SE-21182

The Foreach component now uses the same correlationId for every iteration when setting system property mule.compoundCorrelationId.disable=true.

MULE-19844/SE-22632

Stopping a server in a server group no longer causes Anypoint Platform to show application status as Undeploying.

MULE-19783/SE-21872

Requests no longer remain stuck at the end of a request-reply scope.

MULE-19780/SE-21042

A ClassNotFoundException: Cannot load class 'scala.None$' error no longer occurs when serializing input streams data instead of the object.

EE-8140/SE-21240

For guidance with the patching process, see Apply Patch Updates.

January 2022

Patch release version: 3.9.5-20211224

This patch update addresses the following issues:

Description Issue

After upgrading from Mule runtime version 3.8.5 to 3.9.5, the CXF Component no longer raises exceptions in working configurations.

MULE-19889/SE-21182

A ClassNotFoundException: Cannot load class 'scala.None$' exception error no longer occurs with large batch jobs.

EE-8140/SE-21240

You can now redeploy applications that were in a stopped state when they were deleted.

MULE-19890/SE-22261

HTTP requests with 100-continue are now processed as expected.

MULE-19884/SE-22637

Deployment failures no longer repeat Exception locking polling lock errors in the logs.

MULE-19923/SE-22641

A request encoded with double slashes in the URI parameter no longer results in No listener found.

MULE-19933/SE-22967

Mule now recognizes Eclipse Temurin by Adoptium (formerly Adopt OpenJDK project) as a recommended JDK Vendor and no longer raises an INFO-level log message.

MULE-19917/SE-23354

Addressed a regression introduced in November patch 3.9.5-20211018, which caused an Unexpected character error in some Mule applications.

SE-22635

Added new system property mule.setVariable.inheritedMimeType.disable=false. When set to true, Mule checks if the MIME type is set in a set-variable component configuration.

MULE-19941

For guidance with the patching process, see Apply Patch Updates.

November 2021

Patch release version: 3.9.5-20211018

The November patch update addresses the following issues:

Description Issue

HTTP requests now complete at the end of a Request-Reply scope.

MULE-19780/SE-21042

If you stop a server that is part of a server group, applications using that runtime no longer show a status of undeploying in Runtime Manager.

MULE-19783/SE-21872

When cache is enabled on an application, the MuleSoft Expression Language (MEL) no longer evaluates the NullSafe .? operator to null.

MULE-19785/SE-22515

If you set mule.compoundCorrelationId.disable to true, foreach operations no longer use a different correlationId for every iteration.

MULE-19844/SE-22632

Mule runtime now checks if the MIME type is set in the set-variable configuration.

MULE-19814/SE-22635

For guidance with the patching process, see Apply Patch Updates.

October 2021

Patch release version: 3.9.5-20210915

The October patch update addresses the following issues:

Description Issue

Introduced a new mechanism for collecting API gateway usage statistics, which defaults to enabled.

To opt out, include anypoint.platform.metrics_enabled=false in wrapper.conf or as a parameter when starting Mule.

AGW-4823

For guidance with the patching process, see Apply Patch Updates.

September 2021

Patch release version: 3.9.5-20210823

The September patch update addresses the following issues:

Issue Description

MULE-19720/SE-22244

WebSphere MQ (WMQ) connector outbound endpoint does not create a transactional context when there is no transaction.

SE-20362/IMC-92

Added a new system property for WebSphere MQ (WMQ) connector to reflect the encryption status of the correlation ID.

For guidance with the patching process, see Apply Patch Updates.

August 2021

Patch release version: 3.9.5-20210719

The August patch update addresses the following issues:

Issue Description

AGW-4869/SE-21462

Custom policies are no longer deleted after restarting an application from Anypoint Runtime Manager.

MULE-19427/SE-19908

A serialization issue no longer occurs after a RoutingException error when using an SFTP transport in a Mule cluster.

For guidance with the patching process, see Apply Patch Updates.

July 2021

Patch release version: 3.9.5-20210622

The July patch update addresses the following issues:

Issue Description

SE-20063

The RAML Java parser logger improves log messages.

SE-20800

The soundslike comparison operator now returns false instead of an InvalidExpressionException error.

MULE-19450

The soundslike comparison operator no longer throws InvalidExpressionException error.

SE-20880

DataWeave flat files now contain the property notTruncateDependingOnSubjectNotPresent to avoid truncating the group-item when the subject is not present or the length of the subject of an OCCURS clause is zero. Earlier versions contained this property.

MULE-19284

This release updates XStream to 1.4.16 and Spring Security to 4.2.20.

APIKIT-2943

Upgraded the Java RAML parser to 1.0.44-1.

For guidance with the patching process, see Apply Patch Updates.

June 2021

Patch release version: 3.9.5-20210517

The June patch update addresses the following issues:

Issue Description

SE-20983

A class-loading regression, introduced in the May update, that caused a java.lang.ClassNotFoundException: com.ibm.mq.jms.MQConnectionFactory error no longer occurs when using WMQ Connector.

MULE-19374

Updated the Groovy dependency to version 2.4.21.

For guidance with the patching process, see Apply Patch Updates.

May 2021

Patch release version: 3.9.5-20210419

The default for the DataWeave XML reader property supportDtd changes to false in this release. The new default is described in fixed issue DW-377.

This change affects Mule versions 3.9.5, 4.1.6, and 4.2.2 for on-premises Mule, CloudHub, and other hosted or embedded runtimes, including Anypoint Runtime Fabric and Anypoint Studio. Future patches to these releases and future minor releases of Mule will also incorporate the new default.

The May patch update addresses the following issues:

Issue Description

MULE-19327/SE-20359

Provided the system property -Dmule.jms.closeConnectionOnStop=true to enable the forced closure of connections when stopping an application that uses Anypoint Connector for IBM MQ and the WMQ Connector.

MULE-19329/SE-20399

Fixed an issue that caused the DOM of the XML component to not work in Mule runtime engine 3.9.5.

MULE-19296/SE-20229/SE-20376/SE-20492

Fixed an HTTP listener issue that caused all HTTP listeners from applications of a domain to close when redeploying an application from that domain.

MULE-19284/SE-20205

Upgraded the XStream library dependency to 1.4.15.

DW-377

DataWeave: Support for XML DTD validation is disabled by default. To enable XML DTD validation, use the com.mulesoft.dw.xml.supportDTD system property or the supportDtd XML reader property.

For guidance with the patching process, see Apply Patch Updates.

April 2021

Patch release version: 3.9.5-20210322

For an upcoming release in May, the behavior of the DataWeave XML reader functionality will change.

This change will affect Mule versions 3.9.5, 4.1.6, 4.2.2, and 4.3.0 for on-premises Mule, CloudHub, and other hosted or embedded runtimes, including Anypoint Runtime Fabric and Anypoint Studio.

The April patch update addresses the following issues:

Issue Description

SE-15159

DataWeave: The DataWeave XML module includes a new property to handle XML DTDs.

SE-16329

DataWeave: Fixed an issue in which the lookup function incorrectly called flows asynchronously.

SE-18685

DataWeave: Prevented an error that occurred when reading inboundProperties from an HTTPS endpoint.

SE-19950

DataWeave: Fixed a dependency inconsistency in the Flat File module that caused a java.lang.IncompatibleClassChangeError on certain operating systems.

For guidance with the patching process, see Apply Patch Updates.

March 2021

Patch release version: 3.9.5-20210304

The March patch update addresses the following issues:

Issue Description

SE-19818

DataWeave: Fixed the flow variables lifecycle within transforms, which caused application failure when using the February release.

For guidance with the patching process, see Apply Patch Updates.

February 24, 2021

The initial release of Mule 3.9.5 includes fixed issues.

New Features and Enhancements

Not applicable.

Changes

Not applicable.

Known Issues

Issue Description

SE-21462

In Mule runtime engine (Mule) versions 3.8.6 through 3.9.5, if you restart the Mule application on the server where an API is implemented, the custom policies associated with that application are removed. This issue occurs in cases where API gateway cannot track a custom policy applied to an API in API Manager. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5.

SE-20229

When you redeploy an API implemented in a Mule application that uses HTTP listener, the Listener stops and does not restart. This issue occurs for HTTP Listeners that are defined in a Mule Domain. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5.

Fixed Issues

Issue Description

MULE-19207

Updated the XML Beans dependency to 3.1.0.

MULE-19123

Fixed an issue that caused a CXF proxy response with an empty SOAP:BODY to throw an exception when it was read.

MULE-19096

Updated the Guava dependency to 30.1-android.

MULE-19107

Resolved a NullPointerException caused by the http:header builder.

MULE-19073

Fixed a problem in which an exception in a catch exception strategy did not roll back the transaction.

MULE-19094

Updated the Jetty dependency to 9.4.35.

MULE-19093

Updated the Apache HttpClient (httpclient) dependency to 4.5.13.

MULE-19095

Updated the JUnit dependency to 4.13.1.

MULE-19031

Resolved an issue in which the target parameter of HTTP Request Connector did not work properly with flow variables whose names were escaped by single quotes.

MULE-19089

Fixed problem in which the WMQ outbound endpoint with transacted set in a request-response context stopped processing with no warning.

MULE-19071

Updated the WSS4J dependency to 1.6.19.

MULE-19039

Added back-support behavior in scenarios requiring a correlationId to work as it did until version 3.9.3.

In the earlier behavior, the correlation ID remained the same for messages that were split and aggregated within the application’s flows. The newer behavior adds a sequence suffix to the "split" instances of such messages. The new mule.compoundCorrelationId.disable property has a default value of false. Setting it to true disables the newer mechanism (with the sequence suffix) and uses the previous one in which the correlation ID remains the same.

MULE-19042

Resolved an issue in which the Until Successful scope (until-successful) did not retry on asynchronous events.

MULE-19020

Fixed problem in which connection errors were not computed in the application error count statistics.

MULE-19018

Resolved a problem in which transformers and response transformers were registered in dynamic endpoints when they should not be registered.

MULE-18986

Updated the Bouncycastle dependency to 1.67.

MULE-18981

Updated the jetty-webapp dependency to 9.4.34.v20201102.

MULE-18980

Updated the Jackson dependency to 2.11.

MULE-18982

Updated the jruby-joni dependency to 2.1.40.

MULE-18983

Removed the esapi dependency.

MULE-18869

Updated the opensaml dependency to 2.6.6.

MULE-18887

JMS sessions are now transacted.

MULE-18864

Updated the rhino dependency to 1.7.12.

MULE-18891

Updated the Spring dependency to 4.3.29.

MULE-18866

Updated the Apache Commons Codec dependency to 1.15.

MULE-18862

Updated the Apache Commons IO library dependency to 2.8.

MULE-18868

Updated the Apache Ant dependency to 1.10.9.

MULE-18817

Fixed an issue in which an XML-to-JSON transformation failed when the XML depth exceeded 64.

MULE-18798

Resolved a problem in which the JRuby component failed when assigning variables.

MULE-18799

Fixed serialization issues that caused an out-of-memory (OOM) error when splitting big XML documents in cluster mode.

MULE-18768

Resolved a problem in which cached variables in MEL reported the same error on subsequent transactions.

MULE-17732

Fixed a problem in which the JMS transport was not validating a timeout.

MULE-18754

Resolved an issue in which wire logging was not showing the complete XML in the response.

MULE-18710

Updated the Jetty Server dependency to 9.4.31.v20200723.

MULE-18701

Updated the JRuby dependency to 9.2.14.0.

MULE-18714

Fixed an issue in which it was not possible to resolve the Database connector’s connectionTimeout property.

MULE-17911

Resolved an issue in which the application logged FlowStack : <empty> when LoggerContext.updateLoggers() was called.

MULE-18704

Updated the ognl dependency to 3.0.12.

MULE-18700

Updated the Spring Security dependency to 4.2.18.

MULE-18637

Updated the Dom4J dependency to 2.1.3.

MULE-18681

Fixed a problem in which HTTP Listener Connector returned a chunked transfer-encoded response under HTTP 1.0.

MULE-18582

Resolved a problem in which an application was stuck in "starting" status when SFTP was configured to "reconnect forever" and the connection failed on startup.

MULE-17863

Resolved a file leak in TlsConfiguration.

MULE-18575

Fixed an incorrect mail batch-count verification when using the IMAP transport.

MULE-18548

Resolved an issue in which the in-memory object store did not expired in a secondary node.

MULE-18534

Fixed an issue in which a stored procedure with the CLOB In Out parameter failed to execute on an Oracle database.

MULE-18493

Resolved an issue in which HTTP Connector leaked sockets that were in the CLOSE_WAIT state when the client used HTTP/1.0.

MULE-18481

Fixed an issue with the rollback exception strategy in which redelivery attempts were not honored in the correct way.

MULE-18455

Fixed an issue in which Grizzly returned incorrect error codes with a long header request and a long URI request.

MULE-18503

Resolved a deadlock that occurred when handling a failed deferred response in HTTP.

MULE-18393

Resolved an issue in which the out body was cut under high-load scenarios.

MULE-18461

Fixed an issue in which a payload that was set to a target variable altered the original message MIME type.

MULE-18396

Used the graceful shutdown timeout to allow persistent connections to make a last request.

The corresponding response contains the Connection: close header.

MULE-18380

Added a tolerance time to wait for connections to close upon Mule shutdown.

MULE-18348

Fixed an issue in which MVEL interpreted a Bean property as a Mule variable when using MVEL caching.

MULE-18335

Improved the handling of inflight events and the cleanup of associated resources (such as connections) during shutdown.

MULE-18309

Added a Connection: close header when stopping Mule applications.

This change is needed to produce a graceful shutdown during redeployments.

MULE-18249

Updated the Mule launching script to avoid a readlink error.

MULE-18151

Resolved the closing of all connections (including persistent connections) during Mule shutdown.

This change is needed for redeployments.

MULE-18022

Fixed an issue with IBM MQ and JMS connectors that occurred when a channel was closed and the listener did not recover correctly.

MULE-18006

Resolved a ClassLoader leak that led to application undeployment errors on Windows OS because temporary files could not be properly cleaned up.

MULE-17956

Fixed an issue in which SOAP Kit routed requests to an incorrect path because it was not properly managing override rules.

MULE-17688

Fixed an issue in which Salesforce Connector 'sfdc:oauth-callback' was not properly registered.

MULE-17798

Resolved a problem in which MVEL incorrectly inferred the returnType on a substatement that was surrounded by parentheses.

EE-7212

Fixed an issue in which the Mule runtime engine did not start on macOS Catalina.

EE-7624

Updated the Tanuki wrapper dependency to 3.5.45.

EE-7548

Resolved an issue in which the correlationID was not properly resolved in the WMQ transport when the value of the correlationID was defined through an expression.

EE-7347

Removed FileUtils.deleteFile from the gateway domain script.

AGW-3711

Enhanced the User-Agent sent by API Gateway to improve request tracing by Anypoint Monitoring.

AGW-4013

Resolved exceptions from CORS misconfigurations, which were raised when the application started and stopped.

AGW-4034

Added flow and application names to API Analytics events and exposed generation information about those events.

AGW-4127

SE-15047: Fixed a problem in which an autogenerated proxy was incorrectly propagating headers back to Headers Response at Exception (504).

DW-299

Updated the woodstox dependency to 5.3.0.

AGW-1866

Resolved an issue that caused throttling and rate limiting policies to behave incorrectly when nodes in a Mule cluster were out of sync.

AGW-3038

Enhanced the OAuth Provider to accept a bearer header in lowercase.

AGW-3892

Fixed an issue in which starting and stopping an application broke the throttling and rate limiting policy.

AGW-4226

Resolved a CORS 'Error setting up policy' issue that was caused by a cluster race condition.

AGW-4284

SE-16641: Fixed a high CPU utilization issue with the agw-policy-watcher thread.

AGW-4340

SE-15324: Resolved a duplicated Spring object warning that occurred when applying a throttling policy.

AGW-4400

Resolved an issue with the handling of the Basic Auth Policy response.

MULE-19098

Updated the Jersey dependency to 2.33.

MULE-19070

Updated the xstream dependency to 1.4.15.

MULE-18130

SE-15049: Fixed a problem in which a PKCS12-based keystore with several aliases prevented an application from starting.

SE-15717

Resolved an issue in which the JMS consumer could not reconnect when the session was closed, which disrupted the operation.

MULE-17749

Updated the jcifs dependency to 1.3.19.

DEL-1836

Updated the mule-agent dependency to 1.15.3.

MULE-19125

Updated the Hazelcast dependency to 3.12.11.

EE-7087

Updated the licm dependency to 1.2.4.

MULE-18577

Resolved an issue in which an application failed to redeploy because of a StackOverflow condition.

MULE-18591

Fixed an issue with the NTLM dance renegotiation protocol that was caused by the underlying async libraries.

MULE-18653

Resolved an issue in which it was not possible to undeploy an application that was using an XSLT transformation on Windows.

This issue was caused by dependencies on files that could not be removed.

MULE-19019

Avoided adding the Content-length: 0 header for HTTP methods with undefined body semantics (GET, HEAD, and DELETE).

MULE-19150

Upgraded an underlying library dependency to resolve a java.security.SignatureException: Invalid encoding for signature (java.io.IOException) issue that occurred when using SFTP Connector.

SE-14513

DataWeave: Fixed an issue with close streams on lookup.

SE-14007

DataWeave: Fixed an issue in which OutputStream did not close, causing deferred mode failures for XML.

SE-14927

DataWeave: Fixed an issue with memory management.

SE-14294

DataWeave: Fixed an issue in which variables that can be consumed more than once could not be accessed in more than one script.

SE-15180

DataWeave: Fixed an issue to avoid stack overflow on append inside reduce.

SE-15955

DataWeave: Fixed a problem in which namespaces were not processed correctly when dynamically loading an externalized DataWeave script.

SE-18237

DataWeave: Updated the log4j dependency to version 2.8.2 in the FlatFile module.

SE-10638

DataWeave: Fixed an issue in which high CPU usage during transformation caused workers to stop processing.

SE-18372

DataWeave: Fixed an issue in which a packed decimal was converted incorrectly in the FlatFile module.

SE-18679

DataWeave: Added an option to catch the exception similar to previous behavior.

MULE-19140/DW-371

DataWeave: Fixed an issue with property handling.

Software Compatibility Testing

Mule was tested on the following software:

Software Version

JDK

JDK 1.8.0 (Recommended JDK 1.8.0_292)

OS

MacOS 11.4.x, HP-UX 11i V3, AIX 7.2, Windows Server 2019, Windows 10, Solaris 11.3, RHEL 8, Ubuntu Server 18.04

Application Servers

Tomcat 7, Tomcat 8, Weblogic 12c, Wildfly 8, Wildfly 9, Websphere 8, Jetty 8, Jetty 9

Databases

Oracle 11g, Oracle 12c, MySQL 5.5+, DB2 10, PostgreSQL 9, Derby 10, Microsoft SQL Server 2014

The unified Mule runtime engine 3.9.5 and API gateway is compatible with APIkit 3.9.5.

This version of Mule is bundled with the Runtime Manager Agent plugin version 1.15.3.