API Compatibility changes in 7.1.7 SP3 for Spark
Removed or Modified APIs in CDP 7.1.7 SP3 for Spark and recommendations for how to handle them.
Apache Version of Spark in 7.1.7 was 2.4.7 and Apache Version of Spark in 7.1.7 SP3 is 2.4.7.
Removed APIs in 7.1.7 SP3
The following APIs are no longer available for Spark in CDP 7.1.7 SP3
ClientChallenge.'<init>'
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ClientChallenge.decodeMessage
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ClientChallenge.encode
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ClientChallenge.encodedLength
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse.decodeMessage
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse.encode
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse.encodedLength
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse.'<init>'
Method Removed
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoSuchMethodError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
Modified APIs in 7.1.7 SP3
The following APIs have been modified for Spark and include a description of the impact of the modifiaction on their use.
ClientChallenge
This class has been removed.
- Package Name
- org.apache.spark.network.crypto
- Effect
- Recompilation of a client program may be terminated with the message: cannot find class org.apache.spark.network.crypto.ClientChallenge.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse
This class has been removed.
- Package Name
- org.apache.spark.network.crypto
- Effect
- Recompilation of a client program may be terminated with the message: cannot find class org.apache.spark.network.crypto.ServerResponse.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ClientChallenge
This class has been removed.
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoClassDefFoundError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
ServerResponse
This class has been removed.
- Package Name
- org.apache.spark.network.crypto
- Effect
- A client program may be interrupted by NoClassDefFoundError exception.
- Reason for change
- Backport fix for CVE-2021-38296: Apache Spark Key Negotiation Vulnerability. Initially introduced by 7.1.7 SP2 CHF4
- Recommendation
- N/A
- Recompilation Required?
- Yes
