An XML transformation error no longer occurs when using the M-Dmule.xstream.allowlist flag.
Mule Runtime 3.9.5 Release Notes
Initial Release: February 24, 2021
Mule Runtime 3.9.5 includes fixes and patch update releases.
February 2024
Patch release version: 3.9.5-20240122
This patch update addresses the following issues:
Description | Issue |
---|---|
W-14417598 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
September 2023
What’s New
This release includes security updates.
Patch 3.9.5-20230823
Patch release version: 3.9.5-20230823
This patch update addresses the following issues:
Description | Issue |
---|---|
This release includes important security enhancements and fixes. |
W-13916544 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
August 2023
Patch release version: 3.9.5-20230726
This patch update addresses the following issues:
Description | Issue |
---|---|
SnakeYAML is upgraded to version 2.0. |
W-13506775 |
Hazelcast is upgraded to version 3.12.13. |
W-13741059 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
May 2023
Patch release version: 3.9.5-20230424
This patch update addresses the following issues:
Description | Issue |
---|---|
This release fixes runtime generated usage metrics. |
W-12981071 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
April 2023
Patch release version: 3.9.5-20230330
This patch update addresses the following issues:
Description | Issue |
---|---|
Mule runtime engine no longer fails to load the driver when there is a connection pool for a database. |
W-12436154 |
Identity file passphrase is logged in error messages. |
W-12450302 |
Mule runtime engine 3.9.5 versions now start on macOS with versions where the patch version is omitted. |
W-12623414 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
March 2023
Patch release version: 3.9.5-20230217
This patch update addresses the following issues:
Description | Issue |
---|---|
This release updates the version of |
W-11577522 |
Upgraded |
W-13161611 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
January 2023
Patch release version: 3.9.5-20221212
This patch update addresses the following issues:
Description | Issue |
---|---|
Brackets ( |
W-11494657 |
The expressions cache is no longer the source of a null pointer exception (NPE) during the evaluation of an MVEL expression. |
W-11494657 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
October 2022
Patch release version: 3.9.5-20220920
This patch update addresses the following issues:
Description | Issue |
---|---|
Internal improvements and library upgrades. |
W-11741243 |
There is no DataWeave update for this version this month.
For guidance with the patching process, see Apply Patch Updates.
July 2022
Patch release version: 3.9.5-20220623
This patch update addresses the following issues:
Description | Issue |
---|---|
Jackson upgraded to 2.13.3. |
W-11139348 |
For guidance with the patching process, see Apply Patch Updates.
May 2022
Patch release version: 3.9.5-20220421
This patch update addresses the following issues:
Description | Issue |
---|---|
APIKit now provides the ability to disable encoding detection. |
W-10867010 |
Removed private logger with unexpected data formatting from the |
W-10967100 |
For guidance with the patching process, see Apply Patch Updates.
March 2022
Patch release version: 3.9.5-20220222
This patch update addresses the following issues:
Description | Issue |
---|---|
Error responses now return in the correct format, in quotes instead of square brackets. |
W-10660160 / SE-24398 |
For guidance with the patching process, see Apply Patch Updates.
February 2022
Patch release version: 3.9.5-20220127
This patch update addresses the following issues:
Description | Issue |
---|---|
A race condition, which caused an incorrect schema validation, no longer occurs when deploying multiple applications in parallel. |
MULE-20024/SE-22842 |
The CXF interceptor no longer adds an extra xml tag to some HTTP responses. |
MULE-20043/SE-23853 |
Mule 3.8 and Mule 3.9 now behave the same when setting variables and their associated MIME type.. |
MULE-19814/SE-22635 |
HTTP requests that contain an encoded double slash in the URI parameter no longer cause a |
MULE-19933/SE-22967 |
Adoptium Temurin JDK is now a recommended JDK vendor. |
MULE-19917/SE-23354 |
Removing an application that is in stopped state no longer prevents redeploying that application. |
MULE-19890/SE-22261 |
CXF components no longer throw exceptions when a |
MULE-19889/SE-21182 |
The Foreach component now uses the same |
MULE-19844/SE-22632 |
Stopping a server in a server group no longer causes Anypoint Platform to show application status as Undeploying. |
MULE-19783/SE-21872 |
Requests no longer remain stuck at the end of a |
MULE-19780/SE-21042 |
A |
EE-8140/SE-21240 |
For guidance with the patching process, see Apply Patch Updates.
January 2022
Patch release version: 3.9.5-20211224
This patch update addresses the following issues:
Description | Issue |
---|---|
After upgrading from Mule runtime version 3.8.5 to 3.9.5, the CXF Component no longer raises exceptions in working configurations. |
MULE-19889/SE-21182 |
A |
EE-8140/SE-21240 |
You can now redeploy applications that were in a stopped state when they were deleted. |
MULE-19890/SE-22261 |
HTTP requests with |
MULE-19884/SE-22637 |
Deployment failures no longer repeat |
MULE-19923/SE-22641 |
A request encoded with double slashes in the URI parameter no longer results in |
MULE-19933/SE-22967 |
Mule now recognizes Eclipse Temurin by Adoptium (formerly Adopt OpenJDK project) as a recommended JDK Vendor and no longer raises an INFO-level log message. |
MULE-19917/SE-23354 |
Addressed a regression introduced in November patch |
SE-22635 |
Added new system property |
MULE-19941 |
For guidance with the patching process, see Apply Patch Updates.
November 2021
Patch release version: 3.9.5-20211018
The November patch update addresses the following issues:
Description | Issue |
---|---|
HTTP requests now complete at the end of a Request-Reply scope. |
MULE-19780/SE-21042 |
If you stop a server that is part of a server group, applications using that runtime no longer show a status of |
MULE-19783/SE-21872 |
When cache is enabled on an application, the MuleSoft Expression Language (MEL) no longer evaluates the NullSafe |
MULE-19785/SE-22515 |
If you set |
MULE-19844/SE-22632 |
Mule runtime now checks if the MIME type is set in the |
MULE-19814/SE-22635 |
For guidance with the patching process, see Apply Patch Updates.
October 2021
Patch release version: 3.9.5-20210915
The October patch update addresses the following issues:
Description | Issue |
---|---|
Introduced a new mechanism for collecting API gateway usage statistics, which defaults to enabled. To opt out, include |
AGW-4823 |
For guidance with the patching process, see Apply Patch Updates.
September 2021
Patch release version: 3.9.5-20210823
The September patch update addresses the following issues:
Issue | Description |
---|---|
MULE-19720/SE-22244 |
WebSphere MQ (WMQ) connector outbound endpoint does not create a transactional context when there is no transaction. |
SE-20362/IMC-92 |
Added a new system property for WebSphere MQ (WMQ) connector to reflect the encryption status of the correlation ID. |
For guidance with the patching process, see Apply Patch Updates.
August 2021
Patch release version: 3.9.5-20210719
The August patch update addresses the following issues:
Issue | Description |
---|---|
AGW-4869/SE-21462 |
Custom policies are no longer deleted after restarting an application from Anypoint Runtime Manager. |
MULE-19427/SE-19908 |
A serialization issue no longer occurs after a |
For guidance with the patching process, see Apply Patch Updates.
July 2021
Patch release version: 3.9.5-20210622
The July patch update addresses the following issues:
Issue | Description |
---|---|
SE-20063 |
The RAML Java parser logger improves log messages. |
SE-20800 |
The |
MULE-19450 |
The |
SE-20880 |
DataWeave flat files now contain the property |
MULE-19284 |
This release updates XStream to 1.4.16 and Spring Security to 4.2.20. |
APIKIT-2943 |
Upgraded the Java RAML parser to 1.0.44-1. |
For guidance with the patching process, see Apply Patch Updates.
June 2021
Patch release version: 3.9.5-20210517
The June patch update addresses the following issues:
Issue | Description |
---|---|
SE-20983 |
A class-loading regression, introduced in the May update, that caused a |
MULE-19374 |
Updated the Groovy dependency to version 2.4.21. |
For guidance with the patching process, see Apply Patch Updates.
May 2021
Patch release version: 3.9.5-20210419
The default for the DataWeave XML reader property This change affects Mule versions 3.9.5, 4.1.6, and 4.2.2 for on-premises Mule, CloudHub, and other hosted or embedded runtimes, including Anypoint Runtime Fabric and Anypoint Studio. Future patches to these releases and future minor releases of Mule will also incorporate the new default. To address this change, see Change of Behavior with DataWeave Functionality on May 4, 2021. |
The May patch update addresses the following issues:
Issue | Description |
---|---|
MULE-19327/SE-20359 |
Provided the system property |
MULE-19329/SE-20399 |
Fixed an issue that caused the DOM of the XML component to not work in Mule runtime engine 3.9.5. |
MULE-19296/SE-20229/SE-20376/SE-20492 |
Fixed an HTTP listener issue that caused all HTTP listeners from applications of a domain to close when redeploying an application from that domain. |
MULE-19284/SE-20205 |
Upgraded the XStream library dependency to 1.4.15. |
DW-377 |
DataWeave: Support for XML DTD validation is disabled by default. To enable XML DTD validation, use the |
For guidance with the patching process, see Apply Patch Updates.
April 2021
Patch release version: 3.9.5-20210322
For an upcoming release in May, the behavior of the DataWeave XML reader functionality will change. This change will affect Mule versions 3.9.5, 4.1.6, 4.2.2, and 4.3.0 for on-premises Mule, CloudHub, and other hosted or embedded runtimes, including Anypoint Runtime Fabric and Anypoint Studio. To prepare for this change, see Change of Behavior with DataWeave Functionality on May 4, 2021. |
The April patch update addresses the following issues:
Issue | Description |
---|---|
SE-15159 |
DataWeave: The DataWeave XML module includes a new property to handle XML DTDs. |
SE-16329 |
DataWeave: Fixed an issue in which the |
SE-18685 |
DataWeave: Prevented an error that occurred when reading |
SE-19950 |
DataWeave: Fixed a dependency inconsistency in the Flat File module that caused a |
For guidance with the patching process, see Apply Patch Updates.
March 2021
Patch release version: 3.9.5-20210304
The March patch update addresses the following issues:
Issue | Description |
---|---|
SE-19818 |
DataWeave: Fixed the flow variables lifecycle within transforms, which caused application failure when using the February release. |
For guidance with the patching process, see Apply Patch Updates.
February 24, 2021
The initial release of Mule 3.9.5 includes fixed issues.
Known Issues
Issue | Description |
---|---|
SE-21462 |
In Mule runtime engine (Mule) versions 3.8.6 through 3.9.5, if you restart the Mule application on the server where an API is implemented, the custom policies associated with that application are removed. This issue occurs in cases where API gateway cannot track a custom policy applied to an API in API Manager. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5. |
SE-20229 |
When you redeploy an API implemented in a Mule application that uses HTTP listener, the Listener stops and does not restart. This issue occurs for HTTP Listeners that are defined in a Mule Domain. To resolve this issue, upgrade to Mule 3.9.5 if using a previous version, and then apply the latest monthly patch for Mule 3.9.5. |
Fixed Issues
Issue | Description |
---|---|
MULE-19207 |
Updated the XML Beans dependency to 3.1.0. |
MULE-19123 |
Fixed an issue that caused a CXF proxy response with an empty |
MULE-19096 |
Updated the Guava dependency to 30.1-android. |
MULE-19107 |
Resolved a |
MULE-19073 |
Fixed a problem in which an exception in a catch exception strategy did not roll back the transaction. |
MULE-19094 |
Updated the Jetty dependency to 9.4.35. |
MULE-19093 |
Updated the Apache HttpClient (httpclient) dependency to 4.5.13. |
MULE-19095 |
Updated the JUnit dependency to 4.13.1. |
MULE-19031 |
Resolved an issue in which the |
MULE-19089 |
Fixed problem in which the WMQ outbound endpoint with |
MULE-19071 |
Updated the WSS4J dependency to 1.6.19. |
MULE-19039 |
Added back-support behavior in scenarios requiring a In the earlier behavior, the correlation ID remained the same for messages that were split and aggregated within the application’s flows. The newer behavior adds a sequence suffix to the "split" instances of such messages. The new |
MULE-19042 |
Resolved an issue in which the Until Successful scope ( |
MULE-19020 |
Fixed problem in which connection errors were not computed in the application error count statistics. |
MULE-19018 |
Resolved a problem in which transformers and response transformers were registered in dynamic endpoints when they should not be registered. |
MULE-18986 |
Updated the Bouncycastle dependency to 1.67. |
MULE-18981 |
Updated the jetty-webapp dependency to 9.4.34.v20201102. |
MULE-18980 |
Updated the Jackson dependency to 2.11. |
MULE-18982 |
Updated the jruby-joni dependency to 2.1.40. |
MULE-18983 |
Removed the esapi dependency. |
MULE-18869 |
Updated the opensaml dependency to 2.6.6. |
MULE-18887 |
JMS sessions are now transacted. |
MULE-18864 |
Updated the rhino dependency to 1.7.12. |
MULE-18891 |
Updated the Spring dependency to 4.3.29. |
MULE-18866 |
Updated the Apache Commons Codec dependency to 1.15. |
MULE-18862 |
Updated the Apache Commons IO library dependency to 2.8. |
MULE-18868 |
Updated the Apache Ant dependency to 1.10.9. |
MULE-18817 |
Fixed an issue in which an XML-to-JSON transformation failed when the XML depth exceeded 64. |
MULE-18798 |
Resolved a problem in which the JRuby component failed when assigning variables. |
MULE-18799 |
Fixed serialization issues that caused an out-of-memory (OOM) error when splitting big XML documents in cluster mode. |
MULE-18768 |
Resolved a problem in which cached variables in MEL reported the same error on subsequent transactions. |
MULE-17732 |
Fixed a problem in which the JMS transport was not validating a timeout. |
MULE-18754 |
Resolved an issue in which wire logging was not showing the complete XML in the response. |
MULE-18710 |
Updated the Jetty Server dependency to 9.4.31.v20200723. |
MULE-18701 |
Updated the JRuby dependency to 9.2.14.0. |
MULE-18714 |
Fixed an issue in which it was not possible to resolve the Database connector’s |
MULE-17911 |
Resolved an issue in which the application logged |
MULE-18704 |
Updated the ognl dependency to 3.0.12. |
MULE-18700 |
Updated the Spring Security dependency to 4.2.18. |
MULE-18637 |
Updated the Dom4J dependency to 2.1.3. |
MULE-18681 |
Fixed a problem in which HTTP Listener Connector returned a chunked transfer-encoded response under HTTP 1.0. |
MULE-18582 |
Resolved a problem in which an application was stuck in "starting" status when SFTP was configured to "reconnect forever" and the connection failed on startup. |
MULE-17863 |
Resolved a file leak in |
MULE-18575 |
Fixed an incorrect mail batch-count verification when using the IMAP transport. |
MULE-18548 |
Resolved an issue in which the in-memory object store did not expired in a secondary node. |
MULE-18534 |
Fixed an issue in which a stored procedure with the CLOB In Out parameter failed to execute on an Oracle database. |
MULE-18493 |
Resolved an issue in which HTTP Connector leaked sockets that were in the CLOSE_WAIT state when the client used HTTP/1.0. |
MULE-18481 |
Fixed an issue with the rollback exception strategy in which redelivery attempts were not honored in the correct way. |
MULE-18455 |
Fixed an issue in which Grizzly returned incorrect error codes with a long header request and a long URI request. |
MULE-18503 |
Resolved a deadlock that occurred when handling a failed deferred response in HTTP. |
MULE-18393 |
Resolved an issue in which the out body was cut under high-load scenarios. |
MULE-18461 |
Fixed an issue in which a payload that was set to a target variable altered the original message MIME type. |
MULE-18396 |
Used the graceful shutdown timeout to allow persistent connections to make a last request. The corresponding response contains the |
MULE-18380 |
Added a tolerance time to wait for connections to close upon Mule shutdown. |
MULE-18348 |
Fixed an issue in which MVEL interpreted a Bean property as a Mule variable when using MVEL caching. |
MULE-18335 |
Improved the handling of inflight events and the cleanup of associated resources (such as connections) during shutdown. |
MULE-18309 |
Added a This change is needed to produce a graceful shutdown during redeployments. |
MULE-18249 |
Updated the Mule launching script to avoid a |
MULE-18151 |
Resolved the closing of all connections (including persistent connections) during Mule shutdown. This change is needed for redeployments. |
MULE-18022 |
Fixed an issue with IBM MQ and JMS connectors that occurred when a channel was closed and the listener did not recover correctly. |
MULE-18006 |
Resolved a |
MULE-17956 |
Fixed an issue in which SOAP Kit routed requests to an incorrect path because it was not properly managing override rules. |
MULE-17688 |
Fixed an issue in which Salesforce Connector 'sfdc:oauth-callback' was not properly registered. |
MULE-17798 |
Resolved a problem in which MVEL incorrectly inferred the |
EE-7212 |
Fixed an issue in which the Mule runtime engine did not start on macOS Catalina. |
EE-7624 |
Updated the Tanuki wrapper dependency to 3.5.45. |
EE-7548 |
Resolved an issue in which the |
EE-7347 |
Removed |
AGW-3711 |
Enhanced the User-Agent sent by API Gateway to improve request tracing by Anypoint Monitoring. |
AGW-4013 |
Resolved exceptions from CORS misconfigurations, which were raised when the application started and stopped. |
AGW-4034 |
Added flow and application names to API Analytics events and exposed generation information about those events. |
AGW-4127 |
SE-15047: Fixed a problem in which an autogenerated proxy was incorrectly propagating headers back to |
DW-299 |
Updated the woodstox dependency to 5.3.0. |
AGW-1866 |
Resolved an issue that caused throttling and rate limiting policies to behave incorrectly when nodes in a Mule cluster were out of sync. |
AGW-3038 |
Enhanced the OAuth Provider to accept a |
AGW-3892 |
Fixed an issue in which starting and stopping an application broke the throttling and rate limiting policy. |
AGW-4226 |
Resolved a CORS 'Error setting up policy' issue that was caused by a cluster race condition. |
AGW-4284 |
SE-16641: Fixed a high CPU utilization issue with the |
AGW-4340 |
SE-15324: Resolved a duplicated Spring object warning that occurred when applying a throttling policy. |
AGW-4400 |
Resolved an issue with the handling of the |
MULE-19098 |
Updated the Jersey dependency to 2.33. |
MULE-19070 |
Updated the xstream dependency to 1.4.15. |
MULE-18130 |
SE-15049: Fixed a problem in which a PKCS12-based keystore with several aliases prevented an application from starting. |
SE-15717 |
Resolved an issue in which the JMS consumer could not reconnect when the session was closed, which disrupted the operation. |
MULE-17749 |
Updated the jcifs dependency to 1.3.19. |
DEL-1836 |
Updated the mule-agent dependency to 1.15.3. |
MULE-19125 |
Updated the Hazelcast dependency to 3.12.11. |
EE-7087 |
Updated the licm dependency to 1.2.4. |
MULE-18577 |
Resolved an issue in which an application failed to redeploy because of a StackOverflow condition. |
MULE-18591 |
Fixed an issue with the NTLM dance renegotiation protocol that was caused by the underlying async libraries. |
MULE-18653 |
Resolved an issue in which it was not possible to undeploy an application that was using an XSLT transformation on Windows. This issue was caused by dependencies on files that could not be removed. |
MULE-19019 |
Avoided adding the |
MULE-19150 |
Upgraded an underlying library dependency to resolve a |
SE-14513 |
DataWeave: Fixed an issue with close streams on lookup. |
SE-14007 |
DataWeave: Fixed an issue in which OutputStream did not close, causing deferred mode failures for XML. |
SE-14927 |
DataWeave: Fixed an issue with memory management. |
SE-14294 |
DataWeave: Fixed an issue in which variables that can be consumed more than once could not be accessed in more than one script. |
SE-15180 |
DataWeave: Fixed an issue to avoid stack overflow on |
SE-15955 |
DataWeave: Fixed a problem in which namespaces were not processed correctly when dynamically loading an externalized DataWeave script. |
SE-18237 |
DataWeave: Updated the log4j dependency to version 2.8.2 in the FlatFile module. |
SE-10638 |
DataWeave: Fixed an issue in which high CPU usage during transformation caused workers to stop processing. |
SE-18372 |
DataWeave: Fixed an issue in which a packed decimal was converted incorrectly in the FlatFile module. |
SE-18679 |
DataWeave: Added an option to catch the exception similar to previous behavior. |
MULE-19140/DW-371 |
DataWeave: Fixed an issue with property handling. |
Software Compatibility Testing
Mule was tested on the following software:
Software | Version |
---|---|
JDK |
JDK 1.8.0 (Recommended JDK 1.8.0_292) |
OS |
MacOS 11.4.x, HP-UX 11i V3, AIX 7.2, Windows Server 2019, Windows 10, Solaris 11.3, RHEL 8, Ubuntu Server 18.04 |
Application Servers |
Tomcat 7, Tomcat 8, Weblogic 12c, Wildfly 8, Wildfly 9, Websphere 8, Jetty 8, Jetty 9 |
Databases |
Oracle 11g, Oracle 12c, MySQL 5.5+, DB2 10, PostgreSQL 9, Derby 10, Microsoft SQL Server 2014 |
The unified Mule runtime engine 3.9.5 and API gateway is compatible with APIkit 3.9.5.
This version of Mule is bundled with the Runtime Manager Agent plugin version 1.15.3.