Cumulative hotfix CDP PvC Base 7.1.7.2047-1 (SP2 cumulative hotfix 18)

Learn more about cumulative hotfix 18 for 7.1.7 SP2. This cumulative hotfix was released on December 14, 2023.

The following fixes were shipped for CDP Private Cloud Base version 7.1.7-1.cdh7.1.7.p2047.48043626:

  • COMPX-15563: Backport YARN-10903 (Too many "Failed to accept allocation proposal" because of wrong Headroom check for DRF)
  • CDPD-64280: Backport HIVE-21075 to CDH-7.1.7.2000
  • CDPD-64229: Impala - Upgrade Apache Derby to 10.17.1.0 due to CVE-2022-46337
  • CDPD-64227: Atlas - Upgrade jackson-databind to 2.12.7.1/2.13.4.1+ due to CVE-2022-42003, CVE-2022-42004
  • CDPD-64135: Backport HBASE-27624 to CDS 3.x CHFs and 717 SP2 CHF
  • CDPD-64132: Backport HIVE-25684 to CDH-7.1.7.2000
  • CDPD-64128: [7.1.7 SP2 CHFx backport] Upgrade netty to 4.1.100.Final
  • CDPD-64007: Backport HIVE-27885 on CDP branches
  • CDPD-63915: Sqoop Teradata export fails if source table is empty
  • CDPD-63835: Backport HIVE-27679 on all CDP-PvC 7.1.[7-9] CHFx versions
  • CDPD-63819: Optimize Relationship Edge fetch
  • CDPD-63814: [7.1.7 SP2 CHF18] Atlas - Upgrade amqp-client to 5.18.0+ due to CVE-2023-46120
  • CDPD-63779: Oozie's spark actions are failing intermittently due to NPE
  • CDPD-63757: Backport IMPALA-8675 to 7.1.7 SP2 CHF
  • CDPD-63756: Backport CDPD-63231 to 7.1.8 CHF
  • CDPD-63723: Sqoop should determine files as Parquet by PAR1 in header
  • CDPD-63616: CDPD - Upgrade Jetty to 9.4.53/10.0.17/11.0.17 due to CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2023-26048, CVE-2023-26049, CVE-2023-36478 and CVE-2023-44487
  • CDPD-63602: Zeppelin - Upgrade jetty to 9.4.53/10.0.17/11.0.17 due to CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2023-36478 and CVE-2023-44487
  • CDPD-63442: [CDH-7.1.7 SP2 CHF18 CLONE] - AuthorizeOnlyWithChainedPolicies shows incorrect policy in Ranger audit when policy priority is equal
  • CDPD-63326: Fix CVE-2023-36877 Apache Oozie Spoofing Vulnerability
  • CDPD-63309: [UnitTest] testMaterializationLookup failure: timestamp mismatch
  • CDPD-63306: Zeppelin - Upgrade netty to 4.1.100.Final due to CVE-2023-44487
  • CDPD-63302: Keytrustee-keyhsm - Upgrade Jetty to 9.4.53/10.0.17/11.0.17 due to CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2023-36478 and CVE-2023-44487
  • CDPD-63301: SRM - Upgrade Jetty to 9.4.53/10.0.17/11.0.17 due to CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2023-36478 and CVE-2023-44487
  • CDPD-63297: Knox - Upgrade Apache Santuario - xmlsec to 2.2.6/2.3.4/3.0.3 due to CVE-2023-44483
  • CDPD-63291: Search - Upgrade amqp-client to 5.18.0+ due to CVE-2023-46120
  • CDPD-63287: Solr - Upgrade jose4j to 0.9.3 due to CVE-2023-31582
  • CDPD-63286: Upgrade jose4j to 0.9.3 due to CVE-2023-31582
  • CDPD-63238: Parquet export fails with NoSuchMethodError
  • CDPD-63180: Solr server unable to start after jetty upgrade to 9.4.53
  • CDPD-63123: Sqoop build is taking 6 hours to complete
  • CDPD-63098: SMM - Upgrade Jetty to 9.4.53/10.0.17/11.0.17 due to CVE-2023-40167, CVE-2023-36479, CVE-2023-41900, CVE-2023-36478 and CVE-2023-44487
  • CDPD-63054: Phoenix-connector precommit test failure on 7.1.7.2000
  • CDPD-62997: Backport HIVE-27525 to CDP 7.1.7
  • CDPD-62508: CDPD - Upgrade netty to 4.1.100.Final due to CVE-2023-44487 and CVE-2023-34462
  • CDPD-62504: Ratis thirdparty - Upgrade netty to 4.1.100.Final due to CVE-2023-44487
  • CDPD-62503: Ozone - Upgrade netty to 4.1.100.Final due to CVE-2023-44487
  • CDPD-62173: Merge HIVE-24530 on all CDP-PvC 7.1.[7-9] CHFx versions
  • CDPD-62128: Using centralised version of snappy-java in Search
  • CDPD-61741: Backport HIVE-22613 to CDP.
  • CDPD-61606: Potential dataloss from quick navigation during move op for S3 in Hue
  • CDPD-61589: Hue download from ABFS can return a corrupted file
  • CDPD-60674: Kafka password is in clear text in application.properties
  • CDPD-59365: CDPD - Upgrade Shiro to 1.12.0 due to CVE-2023-34478
  • CDPD-59364: Upgrade Shiro to 1.12.0 due to CVE-2023-34478
  • CDPD-58884: SMM - Update dropwizard-core and jakarta.el due to CVE-2021-28170
  • CDPD-58883: Schema Registry - Update dropwizard-core and jakarta.el due to CVE-2021-28170
  • CDPD-57667: Ranger policy delta issue causing intermittent permission deny for Hive and HDFS services
  • CDPD-57269: HADOOP-18763. Upgrade aws-java-sdk to 1.12.367
  • CDPD-56816: Multiple CVE follow-up for SMM
  • CDPD-56016: Upgrade Calcite dependency apache/commons-dbcp2 version in CDP 7.1.7 SP2 due to multiple vulnerabilities commons-pool2 to 2.12.0
  • CDPD-55189: Backport IMPALA-11490 to 7.1.7 SP2: More metrics to debug event processing lagging behind
  • CDPD-55181: Backport HDFS-16535 to 7.1.7 SP2: SlotReleaser should reuse the domain socket based on socket paths
  • CDPD-45383: Livy - Upgrade snakeyaml to 1.33 due to high CVEs
  • CDPD-43144: [Tracking] Ozone Manager OOM because of getDBUpdates call from Recon in 7.1.7.x
  • CDPD-42684: Dropwizard version in cdpd
  • CDPD-41666: When Impala editor is not available then Hue importer fails
  • CDPD-24539: Upgrade jackson-databind to 2.12.2 in SMM due to CVEs
  • TSB 2023-704: File corruption when downloading files larger than 1 MB from ABFS with Hue File Browser

Common Vulnerabilities and Exposures (CVEs) that are fixed in this CHF:
  • CVE-2015-0897
  • CVE-2021-28170
  • CVE-2021-42550
  • CVE-2023-25613
  • CVE-2023-31582
  • CVE-2023-34478
  • CVE-2023-46120

Table 1. Cloudera Runtime 7.1.7.2047 (Cumulative Hotfix 18) download URL

Parcel Repository Location: https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.7.2047/parcels/