Known Issues

Summary of known issues for this release.


Hortonworks Bug ID	Apache JIRA	Apache Component	Summary
N/A	N/A	NiFi	Description of the problem: JDK 8u242 and newer versions cause Site-to-Site failure When you use JDK 8u242 or a newer version, the RAW transport protocol in Site-to-Site fails with the following exception: `2018-12-19 16:19:26,811 ERROR [Site-to-Site Listener] org.apache.nifi.NiFi java.nio.channels.IllegalBlockingModeException: null at java.base/sun.nio.ch.ServerSocketAdaptor.accept(ServerSocketAdaptor.java:121) at org.apache.nifi.remote.SocketRemoteSiteListener$1.run(SocketRemoteSiteListener.java:125) at java.base/java.lang.Thread.run(Thread.java:834)` Workarounds: Choose one of the following options before upgrading to JDK 8u242 or a newer JDK version: Upgrade to HDF 3.5.1 or a newer version. Cloudera recommends this option. Change all the Remote Process Groups and Site-to-Site based reporting tasks to use HTTP transport protocol instead of RAW transport protocol. If neither of these options work for you, contact Cloudera Support for other options.

Table 1. Technical Service Bulletin
Technical Service Bulletin	Apache JIRA	Apache component	Summary
TSB-497	N/A	Solr	CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler The Apache Solr ReplicationHandler (normally registered at "/replication" under a Solr core) has a "masterUrl" (also "leaderUrl" alias) parameter. The “masterUrl” parameter is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To help prevent the CVE-2021-27905 SSRF vulnerability, Solr should check these parameters against a similar configuration used for the "shards" parameter. For the latest update on this issue, see the corresponding Knowledge article: TSB 2021-497: CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler