Known Issues
|
Hortonworks Bug ID |
Apache JIRA |
Apache Component |
Summary |
|---|---|---|---|
| BUG-27132 | KNOX-556 | Knox | Knox needs better diagnosability for keystore failures. |
| BUG-34480 | KNOX-603 | Knox | Potential resource leak in BaseKeystoreService.createKeystore. |
| BUG-34843 | KNOX-539 | Knox | Identity mapping auditing should record mapped identity. |
| BUG-36435 | KNOX-554 | Knox | gateway.path not taken into account for Knox URL. |
| BUG-39514 | Oozie | Version Disclosure Vulnerabilities in Oozie Web UI. | |
| BUG-41406 | YARN | YARN UI messages not clear about why log aggregation not happened when meeting maximum HDFS subdir limit. | |
| BUG-41606 | YARN | AM Container link in YARN RM UI links to a 404 page after application completion. | |
| BUG-46128 | Storm | Kafka spout showing errors in the log streaming workflow. | |
| BUG-49715 | KNOX-639 | Knox | Using empty master secret for Knox causes NullPointerException. |
| BUG-49952 | YARN |
removeApplication in ZKRMStateStore should also disable watch. am container complete msg ack to NM once RM receive it. | |
| BUG-49955 | PHOENIX-2531 | Phoenix |
Phoenix thin-client jar has incorrect META-INF/services/java.sql.Driver file Issue: The Phoenix Thin Client Driver, org.apache.phoenix.queryserver.client.Driver, is not automatically registered in the JDBC DriverManager. Workaround:
|
| BUG-50692 | YARN-4576 | YARN | Extend blacklist mechanism to protect AM failed multiple times on failure nodes. |
| BUG-53388 | Kafka | After non-secure cluster upgrade to 2.3.4, running bin/kafka-console-consumer.sh outputs "No brokers found in ZK". | |
| BUG-55124 |
HBase Phoenix | Deadlock on region opening when secondary indexes are recovering. | |
| BUG-59387 | HADOOP-13105 | Hadoop Common | Support timeouts in LDAP queries in LdapGroupsMapping. |
| BUG-59397 | HDFS-10485 | HDFS | Fix findbugs warning in FSEditLog.java. |
| BUG-60205 | SQOOP-2470 | Sqoop | Incremental Hive import with append not working after validation check for --hive-import and --import. |
| BUG-60233 | TEZ-3294 | Tez | Re-submitted dag that fails java opts checks in first try fails due to illegal argument error on next submission. |
| BUG-60770 | HDFS |
HDFS distcp SaslException: Checksum failed Applies to: MIT Secured / Kerberized HDP Install Summary: MapReduce job posting or job status retrieval might fail with new installations with the following exception: "main" java.io.IOException: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.yarn.exceptions.YarnRuntimeException): java.io.IOException: Failed on local exception: java.io.IOException: Couldn't setup connection for jhs/fqdn@REALM to fqdn/ip.ip.ip.ip:8020; Host Details : local host is: "fqdn/ip.ip.ip.ip"; destination host is: "fqdn":8020; at org.apache.hadoop.mapreduce.v2.hs.CachedHistoryStorage.getFullJob(CachedHistoryStorage.java:147) at org.apache.hadoop.mapreduce.v2.hs.JobHistory.getJob(JobHistory.java:217) at org.apache.hadoop.mapreduce.v2.hs.HistoryClientService$HSClientProtocolHandler$1.run(HistoryClientService.java:226) at org.apache.hadoop.mapreduce.v2.hs.HistoryClientService$HSClientProtocolHandler$1.run(HistoryClientService.java:222) at java.security.AccessController.doPrivileged(Native Method) .... Solution: Restart the NameNode in the cluster. | |
| BUG-67482 | RANGER-1136 | Ranger |
Description of Problem: Ranger audit to HDFS fails with TGT errors Workaround: Currently, there is no known workaround for this issue. |
| Technical Service Bulletin | Apache JIRA | Apache Component | Summary |
|---|---|---|---|
| TSB-405 | N/A | N/A |
Impact of LDAP Channel Binding and LDAP signing changes in Microsoft Active Directory Microsoft has introduced changes in LDAP Signing and LDAP Channel Binding to increase the security for communications between LDAP clients and Active Directory domain controllers. These optional changes will have an impact on how 3rd party products integrate with Active Directory using the LDAP protocol. Workaround Disable LDAP Signing and LDAP Channel Binding features in Microsoft Active Directory if they are enabled For more information on this issue, see the corresponding Knowledge article: TSB-2021 405: Impact of LDAP Channel Binding and LDAP signing changes in Microsoft Active Directory |
| TSB-406 | N/A | HDFS |
CVE-2020-9492 Hadoop filesystem bindings (ie: webhdfs) allows credential stealing WebHDFS clients might send SPNEGO authorization header to remote URL without proper verification. A maliciously crafted request can trigger services to send server credentials to a webhdfs path (ie: webhdfs://…) for capturing the service principal For more information on this issue, see the corresponding Knowledge article: TSB-2021 406: CVE-2020-9492 Hadoop filesystem bindings (ie: webhdfs) allows credential stealing |
| TSB-434 | HADOOP-17208, HADOOP-17304 | Hadoop |
KMS Load Balancing Provider Fails to invalidate Cache on Key Delete For more information on this issue, see the corresponding Knowledge article: TSB 2020-434: KMS Load Balancing Provider Fails to invalidate Cache on Key Delete |
| TSB-465 | N/A | HBase |
Corruption of HBase data stored with MOB feature For more information on this issue, see the corresponding Knowledge article: TSB 2021-465: Corruption of HBase data stored with MOB feature on upgrade from CDH 5 and HDP 2 |
| TSB-497 | N/A | Solr |
CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler The Apache Solr ReplicationHandler (normally registered at "/replication" under a Solr core) has a "masterUrl" (also "leaderUrl" alias) parameter. The “masterUrl” parameter is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To help prevent the CVE-2021-27905 SSRF vulnerability, Solr should check these parameters against a similar configuration used for the "shards" parameter. For more information on this issue, see the corresponding Knowledge article: TSB 2021-497: CVE-2021-27905: Apache Solr SSRF vulnerability with the Replication handler |
| TSB-512 | N/A | HBase |
HBase MOB data loss HBase tables with the MOB feature enabled may encounter problems which result in data loss. For more information on this issue, see the corresponding Knowledge article: TSB 2021-512: HBase MOB data loss |