Patch Level Update

This guide explains how to perform a patch level update. The patch level is the version number “after the second dot”. Example: update from 7.3.2 to 7.3.3.

Enterprise Feature

Please note that Patch Level Updates are only provided to enterprise customers, they are not available in the community edition.

Check the Camunda enterprise homepage for more information or get your free trial version.

Reading this Guide

In this guide, a number of variables are used to denote common path names and constants:

  • $DATABASE: the target database platform, e.g., DB2, MySql etc.
  • $DISTRIBUTION_PATH: the path of the downloaded pre-packaged Camunda BPM distribution, e.g., camunda-bpm-tomcat-$PLATFORM_VERSION.zip or camunda-bpm-tomcat-$PLATFORM_VERSION.tar.gz for Tomcat etc.
  • $PLATFORM_VERSION: the version of the Camunda BPM platform you want to install, e.g., 7.1.0.

Database Patches

Between patch levels, the structure of the database schema is not changed. The database structure of all patch releases is backwards compatible to the corresponding minor version. Example: the database schema of all 7.3.x versions is backwards compatible to the 7.3.0 schema.

The one exception to this are bugs in the database schema itself. If you are affected by such a bug, you have the option to run a patch script. Patch scripts are shipped inside the distribution at the following location: $DISTRIBUTION_PATH/sql/upgrade, named: engine_$VERSION_patch_$A_to_$B. If you do choose to apply a database patch, then you must apply all patch scripts that are within the bounds of your update path. This means if your current patch version is X.X.1 and you update to X.X.5 you have to execute all patch scripts first where $AX.X.1 and $BX.X.5.

Each patch script contains a comment what the fixes are related to and a link to the corresponding Camunda Jira issue.

The following list is an overview of all currently available patch scripts:

Camunda Version Patch file Description Affected databases Issue link
7.1 engine_7.1_patch_7.1.4_to_7.1.5.sql Add a missing index on foreign key to prevent deadlocks H2, MySQL, Oracle, PostgreSQL CAM-2567
7.1 engine_7.1_patch_7.1.9_to_7.1.10.sql Add a missing index on foreign key to prevent deadlocks DB2, SQL Server CAM-3565
7.2 engine_7.2_patch_7.2.4_to_7.2.5.sql Add a missing index on foreign key to prevent deadlocks. This is the same patch as engine_7.1_patch_7.1.9_to_7.1.10.sql. DB2, SQL Server CAM-3565
7.2 engine_7.2_patch_7.2.6_to_7.2.7.sql Add indices to improve deployment performance. All databases CAM-4497
7.3 engine_7.3_patch_7.3.0_to_7.3.1.sql Adjust column size of ACT_HI_JOB_LOG.ACT_ID_ to 255. All databases CAM-4037
7.3 engine_7.3_patch_7.3.2_to_7.3.3_1.sql Add a missing index on ACT_RU_AUTHORIZATION#RESOURCE_ID_ to prevent deadlocks. All databases CAM-4440
7.3 engine_7.3_patch_7.3.2_to_7.3.3_2.sql Add indices to improve deployment performance. This is the same patch as engine_7.2_patch_7.2.6_to_7.2.7.sql. All databases CAM-4497
7.3 engine_7.3_patch_7.3.5_to_7.3.6_1.sql Adjust column size of ACT_RU_JOB.PROCESS_DEF_KEY_ to 255. All databases CAM-4328
7.3 engine_7.3_patch_7.3.5_to_7.3.6_2.sql Add indices to improve performance of group authorizations. All databases CAM-5364
7.4 engine_7.4_patch_7.4.2_to_7.4.3_1.sql Add index to improve historic activity instance statistics query performance. All databases CAM-5257
7.4 engine_7.4_patch_7.4.2_to_7.4.3_2.sql Add a missing index on ACT_RU_EXT_TASK#EXECUTION_ID_ to prevent deadlocks. All databases CAM-5440
7.4 engine_7.4_patch_7.4.2_to_7.4.3_3.sql Add indices to improve performance of group authorizations. This is the same patch as engine_7.3_patch_7.3.5_to_7.3.6_2.sql. All databases CAM-5364
7.4 engine_7.4_patch_7.4.5_to_7.4.6.sql Adjust column size of ACT_RU_JOB.PROCESS_DEF_KEY_ to 255. This is the same patch as engine_7.3_patch_7.3.5_to_7.3.6_1.sql. All databases CAM-4328
7.6 engine_7.6_patch_7.6.0_to_7.6.1.sql Adjust column size of ACT_RU_EVENT_SUBSCR.ACTIVITY_ID_ to 255. All databases CAM-6788
7.6 engine_7.6_patch_7.6.2_to_7.6.3_1.sql Add a missing index on ACT_RU_EXT_TASK#ERROR_DETAILS_ID_ to prevent deadlocks. All databases CAM-7263
7.6 engine_7.6_patch_7.6.2_to_7.6.3_2.sql Remove an incorrect index ACT_RU_JOB#ACT_IDX_JOB_HANDLER for MSSQL Server. MSSQL Server CAM-7442

Special Considerations

This section describes noteworthy changes between individual patch levels.

7.3.2 to 7.3.3

By default it is not possible anymore to pass arbitrary expressions as parameters of task queries.

Reason: Passing EL expressions in a task query enables execution of arbitrary code when the query is evaluated.

The process engine no longer evaluates these expressions by default and throws an exception instead. The pevious behavior can be re-enabled by setting the process configuration enableExpressionsInAdhocQueries to true.

See the user guide on security considerations for custom code for details.

7.6.10 to 7.6.11

Java serialization format

You can now configure, if you forbid the usage of Java serialization format, when passing object variables in their Java serialized representation.

The new configuration parameter javaSerializationFormatEnabled defaults to true, but can be configured to false in Camunda engine configuration.

Following use cases are affected:

  • REST API:
PUT /process-instance/{id}/variables/{varName}

{
  "value" : "ab",
  "type" : "Object",
  "valueInfo" : {
    "objectTypeName": "com.example.MyObject",
    "serializationDataFormat": "application/x-java-serialized-object"
  }
}
  • Java API:
runtimeService.setVariable(processInstanceId, "varName",
        Variables
          .serializedObjectValue("ab")
          .serializationDataFormat("application/x-java-serialized-object")
          .objectTypeName("com.example.MyObject")
          .create());

You can disable Java serialization usage with the help of this configuration parameter:

<property name="javaSerializationFormatEnabled">false</property>

Groovy version

The pre-built Camunda distributions of versions 7.6.10, 7.7.5 and 7.8.0 ship with Groovy library of version 2.4.5, whereas newer versions come with Groovy 2.4.13. Please updade the library groovy-all-$GROOVY_VERSION.jar in the lib folder of your application server.

Full Distribution

This section is applicable if you installed the Full Distribution with a shared process engine. In this case you need to update the libraries and applications installed inside the application server.

Please note that the following procedure may differ for cluster scenarios. Contact our support team if you need further assistance.

  • Shut down the server
  • Exchange Camunda BPM libraries, tools and webapps (EAR, RAR, Subsystem (JBoss), Shared Libs) - essentially, follow the installation guide for your server.
  • Restart the server

Application With Embedded Process Engine

In case you use an embedded process engine inside your Java Application, you need to

  1. update the Process Engine librarayin your dependency management (Apache MAven, Gradle …),
  2. re-package the application,
  3. deploy the new version of the application.

Standalone Webapplication Distribution

In case you installed the Standalone Webapplication Distribution you need to

  1. undeploy the previous version of the webapplication,
  2. deploy the new version of the webapplication.

Applying Multiple Patches at Once

It is possible to apply multiple patches in one go (e.g., updateing from 7.1.0 to 7.1.4).

On this Page: