Cloudera Docs

Cumulative hotfix CDP PvC Base 7.1.7.2046-1 (SP2 cumulative hotfix17)

Know more about the cumulative hotfixes 17 for 7.1.7 SP2. This cumulative hotfix is released on November 09, 2023.

Following are the list of fixes that were shipped for CDP private cloud-base version 7.1.7-1.cdh7.1.7.p2046.46875634

  • CDPD-63166: Backport HBASE-25940 to 7.1.7 SP2 line due to unit test failure
  • CDPD-63057: Cruise Control - Upgrade netty to 4.1.100.Final due to CVE-2023-44487, CVE-2023-34462
  • CDPD-62853: Backport IMPALA-12499 to 7.1.7 SP2 CHF
  • CDPD-62847: Revert CDPD-61718, CDPD-61312 and CDPD-61311 on CHD-7.1.7.2000
  • CDPD-62804: Atlas - Upgrade gremlin shaded to 3.5.5+ due to jackson-databind CVEs
  • CDPD-62790: Atlas [7.1.7 SP2 CHFx]- Upgrade netty to 4.1.100.Final due to CVE-2023-44487
  • CDPD-62730: Backport HIVE-27772 to CDH-7.1.7.2000
  • CDPD-62727: Backport HIVE-27760 to CDH-7.1.7.2000
  • CDPD-62725: HSTS header missing from unsecured API in Ranger Admin
  • CDPD-62666: Ignore used undeclared jetty dependency in phoenix-connectors
  • CDPD-62606: [7.1.7 SP2 CHFx CLONE] - Upgrade Tomcat to 8.5.94+ (for CVE fixes) in all Ranger services
  • CDPD-62573: Backport IMPALA-11068 to 7.1.7 SP2 CHF
  • CDPD-62563: Atlas [7.1.7 SP2 CHFx] - Upgrade Okhttp to 4.11.0 due to CVE-2023-0833 and CVE-2021-0341
  • CDPD-62555: Backport HIVE-27723 to CDH-7.1.7.2000
  • CDPD-62552: Backport HIVE-21100 to CDH-7.1.7.2000
  • CDPD-62528: Backport CDPD-55922 to 717 SP2 CHF
  • CDPD-62516: Backport CDPD-43434 Implement support for preventing incompatible log4j classes to be loaded in Sqoop
  • CDPD-62513: SMM UI - Upgrade Node JS version to 20.8.1 due to multiple CVEs
  • CDPD-62502: Ranger - Upgrade netty to 4.1.100.Final due to CVE-2023-44487
  • CDPD-62448: Explicit handling of DIGEST-MD5 vs GSSAPI in quorum auth
  • CDPD-62297: Oozie unit tests do not clean up tens of GigaBytes of data causing UT container eviction
  • CDPD-62262: Backport HIVE-27673 to CDH-7.1.7.2000
  • CDPD-62222: Cruise Control - Upgrade Okhttp to 4.11.0 due to CVE-2023-0833 and CVE-2021-0341
  • CDPD-62217: Backport HIVE-27760(WHERE condition on DATE type partitioning column leads to wrong results) to 7.1.7 SP2 CHF16 (CDP 7.1.7.2035)
  • CDPD-62209: Backport CDPD-43343 (OOZIE-3666) Oozie log streaming bug when log timestamps are the same on multiple Oozie servers
  • CDPD-62149: Backport CDPD-56822 to 7.1.7 SP2
  • CDPD-62127: CDPD - Upgrade snappy-java to 1.1.10.4+ due to CVE-2023-43642
  • CDPD-62125: Kafka - Upgrade snappy-java to 1.1.10.5 due to CVE-2023-43642
  • CDPD-62063: Backport HIVE-27728 to CDP.
  • CDPD-61938: Backport HIVE-25813 to CDH-7.1.7.2000
  • CDPD-61929: UI: Enum type Business metadata attribute shows incorrect data when specific string is in attribute name.
  • CDPD-61904: Backport CDPD-48043/CDPD-48039 to 7.1.7 SP2 CHFx
  • CDPD-61782: Backport HBASE-25643 to 7.1.7 SP2 CHF17
  • CDPD-61760: Upgrade google-cloud-storage and google-oauth-client to latest version due to medium CVEs
  • CDPD-61719: Backport PHOENIX-6767 Traversing through all the guideposts to prepare parallel scans is not required for salted tables when the query is point lookup
  • CDPD-61715: Backport PHOENIX-4424 to CDP 7.1.7 SP2 CHF17
  • CDPD-61710: Backport PHOENIX-6604 Allow using indexes for wildcard topN queries on salted tables
  • CDPD-61674: [7.1.7 SP2 CHF17] Implement best coding practices for validating user input
  • CDPD-61653: Backport HIVE-27558 to 7.1.7 SP2 CHFx
  • CDPD-61584: [Intermittent] Active NN not getting latest resource mappings from RMS server
  • CDPD-61564: Caused by: java.lang.NoClassDefFoundError: org/datanucleus/store/query/cache/QueryCompilationCache
  • CDPD-61506: Atlas [7.1.7 SP2 CHFx] - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-61353: Backport of CDPD-58220 : ZDU | Getting java.lang.ClassNotFoundException: org.cloudera.log4j.redactor.RedactorAppender while starting ZEPPELIN
  • CDPD-61310: Backport PHOENIX-7005 Spark connector tests cannot compile with latest Phoenix
  • CDPD-61306: Backport PHOENIX-6916 Cannot handle ranges where start is a prefix of end for desc columns
  • CDPD-61028: CLONE - Atlas - Upgrade jettison to 1.5.4 due to CVE-2023-1436
  • CDPD-60006: Backport HIVE-22489, HIVE-24883 and HIVE-25410 issues to fix java.lang.ClassCastException in join on array column
  • CDPD-59847: Zeppelin - Upgrade jackrabbit-webdav to 2.21.18 due to CVE-2023-37895
  • CDPD-59623: Cruise Control - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-59621: Kafka Connect - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-59618: Hadoop - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-59481: [UnitTest] testConnectionRetryExceptionListener fails w/ BindException: Address already in use
  • CDPD-59453: CLONE - Backward compatibility for check provided for AttributeName in Parent and Child TypeDef
  • CDPD-59344: Fix and backport PHOENIX-6999 Point lookups fail with reverse scan
  • CDPD-59247: Backport CDPD-58535 to CDH 7.1.x and CDS 3.x CHFs
  • CDPD-58979: Zeppelin - Upgrade Apache Ant to 1.10.12 due to medium CVEs in 7.1.7 and 7.1.8
  • CDPD-58917: [Backport 7.1.7 SP2 CHFx] SRM - Upgrade Guava to 32.0.1 due to CVE-2023-2976
  • CDPD-58913: [Backport 7.1.7 SP2 CHFx] SMM - Upgrade Guava to 32.0.1 due to CVE-2023-2976
  • CDPD-58909: [Backport 7.1.7 SP2 CHFx] Schema Registry - Upgrade Guava to 32.0.1 due to CVE-2023-2976
  • CDPD-58904: Zeppelin - Replace log4j with reload4
  • CDPD-58807: Atlas - Upgrade Woodstox in SP2 to 5.4.0/6.4.0 due to multiple CVEs
  • CDPD-58661: CLONE - Atlas - Upgrade snakeyaml to 2.0 due to CVE-2022-1471
  • CDPD-58653: Atlas - Upgrade Netty Project to 4.1.94.Final due CVE-2023-34462
  • CDPD-58267: [7.1.7 CHFx] - Ranger Access Audit doesn't show callerContext in the audit as hover over button for HDFS audits
  • CDPD-58019: Ratis-Thirdparty - Bump guava to 32.0.0-jre
  • CDPD-57739: Hbase-solr - Upgrade sqlite-jdbc to 3.41.2.2+ due to CVE-2023-32697
  • CDPD-57012: CLONE - Ranger - Upgrade moment.js to 2.29.4 due to CVE-2022-24785, CVE-2022-31129
  • CDPD-56468: Atlas - Upgrade Spring Security to 5.7.10/5.8.5/6.0.5/6.1.2 due to CVE-2023-20862
  • CDPD-56176: Fix and backport PHOENIX-6910 Scans created during query compilation and execution against salted tables need to be more resilient
  • CDPD-56076: Atlas - CVE-2023-24998-upgrade commons-fileupload library to version 1.5
  • CDPD-56075: [7.1.7 SP2]Atlas - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
  • CDPD-48039: Spark - Upgrade commons-net to 3.9.0 due to CVE-2021-37533
  • CDPD-43434: Implement support for preventing incompatible log4j classes to be loaded in Sqoop
  • CDPD-43343: Oozie log streaming bug when log timestamps are the same on multiple Oozie servers
  • CDPD-40863: Ozone - Upgrade gson to 2.9.0 due to CVE-2022-25647
  • TSB 2023-702: Potential wrong result for queries with date partition filter for clusters in GMT+ timezone
  • TSB 2023-703: Risk of Data Loss when using Hue S3 File Browser
Table 1. Cloudera Runtime 7.1.7.2046 (Cumulative Hotfix 17) download URL:
Parcel Repository Location 
https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.7.2046/parcels/