Cumulative hotfix CDP PvC Base 7.1.7.2011-1 (SP2 cumulative hotfix4)

Know more about the cumulative hotfixes 4 for 7.1.7 SP2. This cumulative hotfix is released on March 30, 2023.

Following are the list of fixes that were shipped for CDP private cloud-base version 7.1.7-1.cdh7.1.7.p2011.39229056

CDPD-51874: Exclude netty3 from SMM
CDPD-50667: assistpanel fails to open files/folders in filebrowser
CDPD-50611: Backport HIVE-27056 to CDH-7.1.7.2000
CDPD-50535: [7.1.7.2000] - Add unique constraint on resource_signature column of x_rms_service_resource table
note
This fix includes a database patch and user must perform following steps to make sure the patch is applied to Ranger database.
1. Stop Ranger Admin and Ranger RMS services.
2. Go to Ranger Admin, click on Action > Upgrade Ranger Database and apply patches and click 'Upgrade Ranger Database and apply patches' to confirm.
3. Start Ranger admin and RMS.
After this db patch '065' is applied and RMS is started. It will perform a full-sync as RMS tables will be truncated during this procedure.
CDPD-50501: Backport Hue PR 2390 to 7.1.7
CDPD-50456: [7.1.7.x]- Unable to delete the user if policy is created by same user and added in the policy item
CDPD-50453: [7.1.7.x]- Ranger - Upgrade snakeyaml due to CVE-2022-1471
CDPD-50435: [7.1.7.x] - No policy found for given version in Ranger Audit page
CDPD-50391: backport IMPALA-11960 to 7.1.7 SP2
CDPD-50044: Provide LiveNode and DeadNode filter in DataNode UI
CDPD-50032: Solr: CVE-2023-24998-upgrade commons-fileupload library to version 1.5
CDPD-49575: Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability
CDPD-48495: Incorrectly encoded next-param
CDPD-48250: Import table data to external location fails for %20
CDPD-48149: Cannot download file when using apache knox
CDPD-48120: DAS - Upgrade jackson-databind to 2.13.4.2 due to high CVEs
CDPD-48033: Zeppelin - Upgrade jettison to 1.5.2 due to CVE-2022-45685 and CVE-2022-45693
CDPD-48031: Tez - Upgrade jettison to 1.5.3 due to CVE-2022-45685 and CVE-2022-45693
CDPD-48012: DAS - Upgrade handlebars to 4.3.1 due to security CVEs (CVE-2019-19919)
CDPD-48009: DAS - Upgrade httpclient to 4.5.13+ / 5.0.3+ due to CVE-2020-13956
CDPD-47567: Errors in HS2 logs when downloading file from Hue
CDPD-47253: Spark - Upgrade commons-codec to 1.13 or higher
CDPD-46773: Backport HIVE-26740: HS2 makes direct connections to HMS backend DB due to Compaction/StatsUpdater
CDPD-46376: Use secure XML parser utils in MapReduce
CDPD-46375: Use secure XML parser utils in YARN
CDPD-43489: Hive Security - Upgrade Guava: Google Core Libraries for Java to v28.2/31.1-jre due to medium CVEs
CDPD-42040: SRM - Upgrade jackson-databind to 2.13.3 due to high CVEs
CDPD-42039: SMM - Upgrade jackson-databind to 2.13.3 due to high CVEs
CDPD-42035: Schema Registry - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to high CVEs
CDPD-42027: Kafka Connect - Upgrade jackson-databind to 2.13.3 due to high CVEs
CDPD-42026: Kafka - Upgrade jackson-databind to 2.13.3 due to critical CVEs
CDPD-42020: Cruise Control - Upgrade jackson-databind to 2.13.3 due to high CVEs
CDPD-35723: Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability

Table 1. Cloudera Runtime 7.1.7.2011 (Cumulative Hotfix 4) download URL:
Parcel Repository Location
`https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.7.2011/parcels/`