Skip to main content
Tungsten Clustering

Tungsten Clustering 8.0.4

Build: 132
Release Date: 1 Jun 2026
Release 8.0.4 contains a number of stability improvements and minor bug fixes.

Behavior Changes (2)

The following changes may affect existing scripts and integration tools. Any scripts or environment which make use of these tools should check and update for the new configuration:

Installation and Deployment (1)

  • Upgraded 3rd party libraries to remove critical and high severity CVEs. The full list is as follows:

    • zookeeper 3.4.14 → 3.9.4 — CVE-2023-44981 (SASL Quorum auth bypass)
    • log4j-api / log4j-core 2.23.1 → 2.25.3 (consolidated) — keeps log4j current; no known critical post-2.17 CVEs but stays ahead
    • commons-text 1.9 → 1.12.0 / 1.13.0 — CVE-2022-42889 (Text4Shell)
    • commons-compress 1.21 → 1.27.1 — CVE-2024-25710, CVE-2024-26308 (DoS via crafted archives)
    • commons-configuration2 (replaced commons-configuration 1.9) → 2.11.0 — CVE-2024-29131, CVE-2024-29133
    • commons-io 2.11.0 → 2.18.0 — CVE-2024-47554
    • jackson-databind 2.13.0 → 2.17.2 / 2.18.2 — CVE-2022-42003, CVE-2022-42004
    • guava 31.0.1-jre → 33.4.0-jre — CVE-2023-2976
    • h2 1.4.199 → 2.3.232 — CVE-2021-23463, CVE-2022-23221
    • postgresql JDBC 42.5.4 → 42.7.7 — CVE-2024-1597, CVE-2022-31197, CVE-2022-26520
    • dom4j 1.6.1 → 2.1.4 — CVE-2018-1000632, CVE-2020-10683
    • xstream 1.4.20 → 1.4.21 — CVE-2024-47072
    • velocity-engine-core 2.3 → 2.4.1 — CVE-2020-13936 era cleanup
    • kafka-clients 0.10.2.2 → 3.9.1 — CVE-2023-25194, CVE-2024-27309
    • junit 4.12 → 4.13.2 — CVE-2020-15250 (temp-dir disclosure; test-time only)
    • netty / xz xz 1.8 → 1.9 — CVE-2022-26259 era
    • protobuf-java 2.6.1 → 4.33.5 — CVE-2024-7254, CVE-2022-3171

     

    The following libraries are no longer required and have been removed entirely:

    • bonecp 0.8.0 — abandoned upstream
    • derby 10.12.1.1
    • postgresql 9.0-801.jdbc3 and 9.3-1102.jdbc4 — many old PG-JDBC CVEs gone
    • sqljdbc4 (replaced by mssql-jdbc 12.10.0) — CVE-2022-23270 era
    Issues: CT-2752, CT-2677, CT-2681

Core Clustering (1)

  • Replicator and Connector will now generate a heap dump upon out of memory issues, located respectively in tungsten-replicator/log/replicator.hprof and in tungsten-connector/log/connector.hprof
    Issue: CT-2669

Known Issue (1)

The following issues are known within this release but not considered critical, nor impact operation. They will be addressed in a subsequent patch release.

Connector (1)

  • When working with MariaDB 11.4 and greater with SSL setup, tpm might fail to properly connect to the MariaDB server because of the new default for ssl-verify-server-cert (now true) REF: https://jira.mariadb.org/browse/MDEV-31857

    tpm will not return any error at install time but some utility scripts might not work correctly.

    Adding ssl-verify-server-cert=false to your MySQL configuration will workaround the problem.

    Issue: CT-2663

Improvements, new features and functionality (9)

Command-line Tools (3)

  • The tpm diag command now captures all MySQL configuration files referenced by any !include/!includedir directives, with a sudo fallback so root-owned 0640 configs are captured too.
    Issue: CT-2745
  • A new thl stats command has been added that allows you to gather statistics on the THL content, such as number of DML and DDL statements grouped by date, schema and table.
    Issues: CT-2720, CT-2760
  • The tpm diag command now searches enabled service log directories for *.hprof files via find, records path and size as hprof_files.txt, then warns the user with file size (in MB) and the tungsten_send_diag -f {path} -c {case_number} upload command for each file found.
    Issue: CT-2665

Core Replicator (2)

  • Improved logging performance of "UPDATE or DELETE statement did not process any row." messages.

    While these messages should be rare, performance could decrease when displaying a lot of rows. Also, the message format was changed when policy is set to WARN, previously:

    Event seqno=3726720187/fragno=0 : UPDATE or DELETE statement did not process any row. 
        DELETE FROM `someSchema`.`someTable` WHERE `id` = ?  
        Arguments: - ROW# = 0 - KEY(index=1 name=id type=4 [INTEGER] length=8 unsigned=true blob=false desc=BIGINT UNSIGNED) (size = 3) = 123

    Now, only the first line will be displayed by default:

    Event seqno=3726720187/fragno=0 : UPDATE or DELETE statement did not process any row.

    The detailed view of the statement / values that did not change the database will be logged only if log4j is set in DEBUG

    Issue: CT-2733

  • It is now possible to deploy a "cluster-extractor" topology with the standalone Replicator package via Docker.

    For more detiails and a step-by-step guide, see "Deploying a Replicator through Docker"

    Issue: CT-2591

Connector (1)

  • Connector now allows selection of the data service name (tungsten cluster name) at connection time, passing a new flag "dataservice=<name>" together with the desired schema name

    Example:

    mysql -u app_user -psecret -hdb1 -Dtest@dataservice=shard1 -P 3306

    This feature only works in proxy mode (it is not accessible in bridge mode). See "Advanced Shard Routing" for full implementation details.

    Issue: CT-2688

Manager (2)

  • A shunned node can be set to archive mode.
    Issue: CT-2690

  • A new TPM property property=policy.replica.promotion.max.synchronizing.duration has been added, having the following affect.

    During failover/switch, candidates stuck in SYNCHRONIZING state longer than the configured threshold are rejected. If all candidates are rejected, the promotion fails with "Unable to switch the master because none of the slaves are ONLINE or otherwise available to switch to."

    In the automatic failover path, the failed datasource is shunned with reason "FAILOVER-ABORTED".

    This feature closes a gap where data-loss could have previoulsy occurred when the failover/switch selected a candidate with a replicator in an undetected error state

    Issue: CT-2657

Documentation (1)

  • All documentation URL references in help text output and template files have been updated.
    Issue: CT-2686

Bug Fixes (8)

Installation and Deployment (1)

  • tpm validate-update no longer exits with error when upgrading from 6.x versions and modifications of tungsten.ini are required for SSL setup.
    Issue: CT-2658

Command-line Tools (3)

  • tpm purge-thl / tungsten_purge_thl : the "running on a Primary node" warning and the --files flag now both behave correctly when there is only a single THL file (previously skipped via an early return).
    Issue: CT-2750
  • THL and query replicator command-line tools now send log4j output to stderr instead of stdout, so callers piping/parsing their output get clean data even when warnings or errors are logged.
    Issue: CT-2744
  • The tpm report command no longer issues warnings about "Duplicate specification for option".
    Issue: CT-2672

Connector (1)

  • Fixed an issue in multi-site configurations where a site recovery would cause a brief application disconnection on the local site.
    Issue: CT-2693

Manager (1)

  • Fixed the manager infinite restart loop on edge cases while joining a cluster.
    Issue: CT-2723

Security (1)

  • Fixed an issue with tpm wrongly trying to validate keystores with database SSL off + THL SSL on.
    Issue: CT-2691

API (1)

  • Manager API "status" payload misspelled "truststoreLocation" (was trustoreLocation)
    Issue: CT-2756