Potential memory leaks found in previous 2.25 versions have been fixed in 2.25.5+. Please upgrade to avoid this issue.

Current Version: v2.27.12

This changelog covers what has changed in the WhatsApp Business API client and AWS Templates.


Software Version Details

WhatsApp Business API for On-premise


Expires on Oct 14, 2020

WhatsApp Business API for AWS

Template version: 2.3.5

Expires on Oct 14, 2020



Must be 5.7.xx. Higher versions of this are not currently supported.



Versions 9.5.x, 9.6.x, and 10.x are currently supported.

Docker, Postman

Any recent version

Ideally it should support any recent version.

WhatsApp Business API Client

Deprecated versions are not supported anymore and will soon not be allowed to send messages. Please keep your WhatsApp Business API Client installation updated.

Version Date Introduced Available Until

v2.27.12 CURRENT

Apr 17, 2020

Oct 14, 2020


Apr 8, 2020

Oct 5, 2020


Mar 4, 2020

Aug 30, 2020


Feb 4, 2020

Aug 2, 2020


Jan 6, 2020

Jul 4, 2020


Nov 13, 2019

May 11, 2020


Oct 7, 2019

Apr 4, 2020


Sep 9, 2019

Mar 7, 2020


Aug 26, 2019

Feb 22, 2020


Sep 9, 2019

Mar 7, 2020


Blocking updates are ones in which the Coreapp will suffer downtime while upgrading using the db-upgrade service. Non-blocking updates are ones in which the Coreapp should continue to run when upgrading using the db-upgrade service. You can only use the db-upgrade service to upgrade to a version >= 2.23.* from your current version.

Apr 17, 2020 (v2.27.12)

Apr 8, 2020 (v2.27.11)

  • Coreapp Overview dashboard improvements
  • [Bug fix] Coreapp disconnects database connections more frequently than necessary

Mar 4, 2020 (v2.27.9)

  • Fixes a potential database upgrade issue when upgrading to 2.27.8

Jan 29, 2020 (v2.27.8)

Known Issue: Using dbupgrade-compose.yml to upgrade MySQL to v2.27.8 may fail. Refrain from using dbupgrade-compose.yml for now. The product upgrading procedure outlined in the production setup documentation still works, but not the upgrading MySQL procedure. An upcoming patch release will address this issue.

Jan 6, 2020 (v2.25.5)

  • [Bug fix] Issues related to memory leaks identified in previous versions of 2.25.x are resolved
  • [Bug fix] Previewing URLs are crashing Coreapp intermittently

Nov 13, 2019 (v2.25.4)

  • [Bug fix] Video preview thumbnails are not correctly generated on the receivers phone client
  • [Bug fix] Too many database connections issue
  • [Bug fix] Video duration generation

Oct 7, 2019 (v2.25.3)

  • Throughput for outbound text type messages is improved to 50 messages/second
  • Improved efforts to show URL preview
  • Improved error handling when preview URL is invalid or not supported
  • [Bug fix] Mark messages as read in Postgres
  • [Bug fix] Previously, photos larger than 63 KB were encoded. This limit is now increased to 5 MB, enabling original high quality pictures to be sent as they are.
  • [Bug fix] Fixed security vulnerabilities for CVE-2019-11931 and CVE-2019-14835

Sep 9, 2019 (v2.25.2, v2.23.6)

  • Improvements to Coreapp security

Aug 26, 2019 (v2.25.1)

  • Throughput for outbound media type messages is improved to 18 messages/second
  • Throughput for outbound text type messages is improved to 25 messages/second
  • Throughput for inbound text type messages is improved to 100 messages/second for single instance
  • “Non-secure http” Webhooks are deprecated — Please upgrade Webhooks to https for inbound notifications
  • A long lived authentication token is available for health API calls to help monitor multiple deployments of WhatsApp Business API clients
    • The number of requests (rate limits) for the health endpoint is set to 10 per second
  • Business vertical values to be enumerable rather than free-form text
  • [Bug fix] Propagating mime-types correctly to address inbound media issues
  • [Bug fix] Mark message read request in multiconnect mode should be distributed uniformly to all the shards rather than sending to shard 0 alone
  • AWS cloud formation template is made publicly available from S3, removing manual step of requesting access via Direct Support

Security Advisory

The following security vulnerabilities impact the v2.25.1 Coreapp image. The next patch release will include fixes.

  • CVE-2018-20856: A patch release will include the fix when published by the vendor for Ubuntu 16.04

Amazon Web Services Templates

Current Version: 2.3.5

What's included in the Amazon Web Services (AWS) - Cloud Formation (CFN) templates:

Release Version Date Introduced Changes


Mar 26, 2020

Change details


Jan 29, 2020

Change details


Aug 19, 2019

Change details


Sep 3, 2018

Change details

Release 2.3.5

Template URLs




  • Support configurable RDS parameters: storage type, multi-AZ, IOPS, engine version
  • Support Mumbai region
  • Add support for M5 level EC2 instances and M5 level DB instance class
  • Support configurable EBS volume size
  • Update the default value of DB Idle Connection Timeout to 180000 milliseconds

Release 2.3.4

Template URLs




  • Security improvements were made

Release 2.3.3

Template URLs




  • All CFN templates are now available in the new S3 bucket
  • EC2 instance is now launched from a marketplace CentOS 7 AMI
  • Removed unsupported EC2 instance type from the business API client template
  • EC2 instance is now equipped with cron jobs for maintenance work (Webapp/Coreapp log rotate, ECS agent update)
  • Use General Purpose SSD as the RDS instance storage in staging environment, now it’s the same as production environment
  • Removed unused CloudWatch alarms

Release 2.3.1

Template URLs

  • Enterprise:
  • DB:
  • Lambda:
  • Network:




  • Support for new regions (Seoul, Singapore & Tokyo)

Known Issues

DetailsFirst present inFixed in

Using dbupgrade-compose.yml to upgrade MySQL to v2.27.8 may fail



Potential memory leaks



Video preview thumbnails are not correctly generated on the receivers phone client

> v2.23.x


More database connections than necessary are opened

> v2.25.x