Cumulative hotfix CDP Private Cloud Base 7.1.7.3018-1 (SP3 Cumulative hotfix8)
Know more about the cumulative hotfix 8 for CDP 7.1.7 SP3. This cumulative hotfix was released on Feb 14, 2025.
Following are the list of fixes that were shipped for CDP Private Cloud Base version
7.1.7-1.cdh7.1.7.p3018.62669201.
- CDPD-78193: CSV injection vulnerability during CSV and Excel file export
- When policies are created with the special characters mentioned
in the doc, there were vulnerabilities which can be exploited.
The issue is fixed now. Checks have been added to ensure whenever such characters are present, a space after it is added.
- CDPD-75286: Spark History UI - StreamConstraintsException: String length exceeds the maximum length
- Fixed an issue with Jackson to allow unlimited json string length in Spark event logs.
- CDPD-59617: Spark - Upgrade Okio to 1.17.6 due to CVE-2023-3635
- Updated
okiofrom version 1.15.0 to 1.17.6 to address the security vulnerability CVE-2023-3635. - CDPD-49702: NodeManager must be shut down when the program /var/lib/yarn-ce/bin/container-executor cannot be run
- Previoulsy, a job failed when NodeManager encountered the
No such file or directory error when running the
/var/lib/yarn-ce/bin/container-executor program. This issue is
now resolved and NodeManager is marked as unhealthy and shut down when it cannot run the
program.
Apache Jira:YARN-11709
| Repository Location |
|---|
https://[[***USERNAME***]]:[[***PASSWORD***]]@archive.cloudera.com/p/cdh7/7.1.7.3018/parcels/
|
Common Vulnerabilities and Exposures (CVE) that is fixed in this CHF:
- CVE-2024-55532 - Apache Ranger
