This release includes important security enhancements and fixes.
Mule Runtime 3.9.4 Release Notes
Initial Release: December 11, 2019
Mule Runtime 3.9.4 includes fixes and patch update releases.
September 2023
What’s New
This release includes security updates.
Patch release version: 3.9.4-20230824
This patch update addresses the following issues:
Description | Issue |
---|---|
W-13916544 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
May 2023
Patch release version: 3.9.4-20230424
This patch update addresses the following issues:
Description | Issue |
---|---|
This release fixes runtime generated usage metrics. |
W-12981071 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
December 11, 2019
Mule Runtime 3.9.4 includes the following enhancements, changes, and fixes.
This release is supported on Anypoint Private Cloud Edition 1.6.1 and later.
Key Enhancements
-
API Gateway: The release makes troubleshooting easier by adding logs to track the Contracts database lifecycle, client validation, Gatekeeper status, pointcut matching, Policy lifecycle, and others.
Changes
Starting with Mule 3.9.4, implementing multiple Autodiscoveries using the same API is no longer valid. Because policies are applied to every API in a specific runtime based on the configuration option you choose, you were able to define the same API in that runtime with multiple Autodiscoveries in Mule versions previous to 3.9.4.
Mule 3.9.4 considers the first API it detects as valid and applies policies to this API, while Gatekeeper keeps the other APIs blocked (if not disabled). To work around this issue, create different API instances for each Autodiscovery in the Mule application. Apply policies and contracts to each of those API instances separately.
Known Issues
Issue | Description |
---|---|
SE-21462 |
In Mule runtime engine (Mule) versions 3.8.6 through 3.9.5, if you restart the Mule application on the server where an API is implemented, the custom policies associated with that application are removed. This issue occurs in cases where API gateway cannot track a custom policy applied to an API in API Manager. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5. |
SE-20229 |
When you redeploy an API implemented in a Mule application that uses HTTP listener, the Listener stops and does not restart. This issue occurs for HTTP Listeners that are defined in a Mule Domain. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5. |
Issues Impacting Migration
Issue | Description |
---|---|
EE-7092 |
MMC agent was removed from the Mule distribution. Please use the Runtime Manager Agent (ARM) instead. |
MULE-8817 |
Spring Framework was upgraded from 4.1.9 to 4.3.25, and Spring Security was upgraded from 4.2.3 to 4.2.13. Minor incompatibilities are possible in the following components:
|
Fixed Issues
Issue | Description |
---|---|
MULE-17704 |
OAuth doesn’t refresh token when client maxRetries property set to zero. |
MULE-17677 |
Unauthenticated denial of service in Mule runtime engine 3.x. |
MULE-17674 |
Only allow MuleSession instances when deserializing corresponding header. |
MULE-17460 |
Mule unexpectedly transforms byte[] to String. |
MULE-17411 |
Null value is not correctly resolved in bean expression resolver. |
MULE-17407 |
Async is defining null |
MULE-17349 |
File open validation moves files on Windows. |
MULE-17298 |
Splash screen does not list odd-named patches. |
MULE-17116 |
Wrong logger name in |
MULE-17102 |
Composite converters that contain the same transformer chain are not filtered out. |
MULE-17070 |
Scatter-gather router inside exception handler is failing due to original exception. |
MULE-17058 |
CXF proxy service losing envelope data with user-defined interceptors. |
MULE-17002 |
Illegal type in constant pool when using more than 51 global function elements inside XML. |
MULE-16975 |
Newly created transaction is incorrectly propagated out of a transactional block. |
MULE-16925 |
Colon (:) should be part of the address when no |
MULE-16891 |
|
MULE-16835 |
DOM to XML: Maximum attribute size limit (524288) exceeded with a large payload. |
MULE-16674 |
MEL caching null values after second nullsafe operation is done. |
MULE-16479 |
Expired Cookie passed to endpoint if flow starts from another Mule API. |
MULE-17647 |
Allow domains to be redeployed without restarting its stopped applications. |
MULE-17389 |
Implement encrypt and sign atomic operation support in pgp-module. |
MULE-17115 |
Reduce logging verbosity when correlation IDs are repeated but matching. |
MULE-17749 |
Upgrade jcifs to 1.3.19. |
MULE-17735 |
Upgrade Rome to 1.12.2. |
MULE-17729 |
Upgrade Jackson to 2.10.0. |
MULE-17723 |
Upgrade ESAPI to 2.2.0.0. |
MULE-17722 |
Upgrade xml-tooling to 1.4.6. |
MULE-17721 |
Upgrade OpenSAML to 2.6.6. |
MULE-17720 |
Upgrade Jetty to 9.4.22.v20191022. |
MULE-17719 |
Upgrade Ant to 1.10.7. |
MULE-17718 |
Upgrade commons-codec to 1.13. |
MULE-17717 |
Upgrade Jython to 2.7.2b2. |
MULE-17716 |
Upgrade Quartz to 2.3.2. |
MULE-17715 |
Upgrade Rhino to 1.7.11. |
MULE-17714 |
Upgrade JRuby to 9.2.9.0. |
MULE-8817 |
Upgrade Spring to 4.3.17 and Spring Security to 4.2.6. |
MULE-17234 |
Limit static resource loader to its base path. |
MULE-17014 |
Create flag to set a period of time for ignoring recently processed files during the polling process. |
MULE-16949 |
Correct spelling of internal method. |
MULE-16893 |
Use |
EE-6939 |
Running |
EE-6840 |
Recreate Batch workers for executing job instance on restart. |
EE-6832 |
Batch records without |
EE-6374 |
Sending large bodies causes out-of-memory (OOM) error in HTTP requester. |
EE-7087 |
Update licm to version 1.2.4 in 3.x. |
EE-6891 |
Backport last changes and tests in JDBC+Cluster to Mule 3. |
AGW-3562 |
In Mule 3, when changes are applied to a policy, |
AGW-3099 |
Contracts are not updated in memory when encryption is set. |
AGW-3700 |
Improve troubleshooting by adding additional logs. |
DataWeave |
|
Software Compatibility Testing
Mule was tested on the following software:
Software | Version |
---|---|
JDK |
JDK 1.8.0 (Recommended JDK 1.8.0_191/192) |
OS |
MacOS 10.11.x, HP-UX 11i V3, AIX 7.2, Windows Server 2019, Windows 10, Solaris 11.3, RHEL 7, Ubuntu Server 16.04 |
Application Servers |
Tomcat 7, Tomcat 8, Weblogic 12c, Wildfly 8, Wildfly 9, Websphere 8, Jetty 8, Jetty 9 |
Databases |
Oracle 11g, Oracle 12c, MySQL 5.5+, DB2 10, PostgreSQL 9, Derby 10, Microsoft SQL Server 2014 |
Note that for RHEL 7, kernel version 3.10.0-1062 has an issue related to log4j2 that you can address by following guidance in the MuleSoft Knowledge Base article Mule Runtime CPU Utilization Increased After Patching the Linux Kernel to Kernel-3.10.0-1062.
The unified Mule runtime engine 3.9.4 and API gateway is compatible with APIkit 3.9.4.
This version of Mule is bundled with the Runtime Manager Agent plugin version 1.14.2.