Cloudera Docs

Cumulative hotfix CDP PvC Base 7.1.7.2021-1 (SP2 cumulative hotfix7)

Know more about the cumulative hotfixes 7 for 7.1.7 SP2. This cumulative hotfix is released on May 09, 2023.

Following are the list of fixes that were shipped for CDP private cloud-base version 7.1.7-1.cdh7.1.7.p2021.40700021

  • CDPD-55489: SMM - Upgrade Jetty to 9.4.51/10.0.14+/11.0.14+ due to CVE-2023-26048 and CVE-2023-26049
  • CDPD-55461: SMM - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20863
  • CDPD-55459: Ranger - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20863
  • CDPD-55447: CLONE for 7.1.7 SPx - Ranger - Upgrade OWASP Java HTML Sanitizer due to security CVEs
  • CDPD-55419: Ranger - Upgrade json-smart to 2.4.10 due to CVE-2023-1370
  • CDPD-55397: Oozie - Upgrade jdom to 2.0.6.1 due to CVE-2021-33813
  • CDPD-55361: Delete a snapshot may deleteCurrentFile
  • CDPD-55360: FileWithSnapshotFeature.isCurrentFileDeleted is not reloaded from FSImage.
  • CDPD-55254: SMM - Upgrade jackson-databind to 2.13.4.1+ due to CVE-2022-42003, CVE-2022-42004
  • CDPD-55186: Backport IMPALA-12079 to 7.1.7 SP2: NoneType object is not iterable due to uncaught exceptions
  • CDPD-55130: Backport CDPD-54407 to 7.1.8 CHFx and 7.1.7 SP2 CHFx
  • CDPD-55096: Backport IMPALA-9936 to 7.1.7 SP2: Only send invalidations in DDL responses to LocalCatalog coordinators
  • CDPD-54865: Atlas server doesn't come up due to circular dependency in TaskRegistry class
  • CDPD-53823: Hadoop - Upgrade jettison to 1.5.4 due to CVE-2023-1436
  • CDPD-50730: Hive WebUI HTTP 500 error due to jar order in classpath
  • CDPD-50282: test_recover_many_partitions failed in S3 build due to assertion failure
  • CDPD-47004: Phoenix Query Server misses logredactor jar
  • CDPD-46973: Make Logredactor dependency in Omid more explicit