Cloudera Docs

Cumulative hotfix CDP PvC Base 7.1.7.2040-4 (SP2 cumulative hotfix16)

Know more about the cumulative hotfixes 16 for 7.1.7 SP2. This cumulative hotfix is released on October 10, 2023.

Following are the list of fixes that were shipped for CDP private cloud-base version 7.1.7-1.cdh7.1.7.p2040.45732547

  • CDPD-61810: Datanucleus upgrade causes test failures in Oozie
  • CDPD-61718: Backport HIVE-26349 to CDH-7.1.7.2000
  • CDPD-61593: Backport HIVE-27213 to CDH-7.1.7.2000
  • CDPD-61500: Atlas [7.1.7 SP2 CHFx] - Upgrade Apache Ivy to 2.5.2 due to CVE-2022-46751
  • CDPD-61433: [7.1.x]- Ranger CSV Report extract may fail with Null pointer exception
  • CDPD-61318: Backport HIVE-25918 to CDH-7.1.7.2000
  • CDPD-61312: Backport HIVE-25792 to CDH-7.1.7.2000
  • CDPD-61311: Backport HIVE-24601 to CDH-7.1.7.2000
  • CDPD-61305: Backport HIVE-22961 to CDH-7.1.7.2000
  • CDPD-61220: Backport HIVE-27303 to CDH-7.1.7.2000
  • CDPD-61048: [717 SP2 CHF] Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080
  • CDPD-60973: livy_unittests failed in livy-server module
  • CDPD-60199: HMS memory leak because of datanucleus-api-jdo bug
  • CDPD-60189: [7.1.7.2000]CVE-2022-36364 - Calcite Avatica: A remote attacker can execute arbitrary code on the system.
  • CDPD-59847: Zeppelin - Upgrade jackrabbit-webdav to 2.21.18 due to CVE-2023-37895
  • CDPD-59620: Ranger - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-59458: Backport of CDPD-58577:Zeppelin - Upgrade Guava to 32.0.1 due to CVE-2023-2976 to branch 7.1.8 and 7.1.7 SP2
  • CDPD-59348: Logging is broken for Ranger plugin in SchemaRegistry
  • CDPD-58908: Backport of CDPD-55537: Zeppelin - Remove apache tephra-core package due to EOL and CVEs to branches 7.1.8, 7.1.7 Sp2
  • CDPD-58862: Backport of CDPD-55615:Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart to 7.1.8, 7.1.7 Sp2
  • CDPD-58848: Impala - Upgrade json-smart to 2.4.10 due to CVE-2023-1370
  • CDPD-58495: Ozone - Upgrade Netty Project to 4.1.94.Final due CVE-2023-34462
  • CDPD-57708: [AUTOSYNC] Bump Guava to 32.0.0-jre
Table 1. Cloudera Runtime 7.1.7.2040 (Cumulative Hotfix 16) download URL:
Parcel Repository Location 
https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.7.2040/parcels/