Cloudera Docs

Cumulative hotfix CDP PvC Base 7.1.8.36-4 (Cumulative hotfix10)

Know more about the cumulative hotfix 10 for 7.1.8. This cumulative hotfix was released on June 19, 2023.

Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p36.42193080
  • CDPD-56871: IMPALA-12114: Fixes SSL Thrift idle disconnect (THRIFT-5705)
  • CDPD-57018: Ranger - Upgrade aws-java-sdk to 1.12.367+
  • CDPD-56818: Phoenix - Upgrade gson to 2.9.1 due to CVE-2022-25647
  • CDPD-56737: Ranger - Upgrade Tomcat to 8.5.89 due to CVE-2023-28709
  • CDPD-56693: Hue PAM authentication will fail with PAM_AUTH_ERR or PAM_SYSTEM_ERR
  • CDPD-56586: [AUTOSYNC] Bump sqlite-jdbc to 3.41.2.2
  • CDPD-56487: Hue workers are not getting DB connection and causing is_alive calls to fails with "ORA-03135/ORA-03113/ORA-03114"
  • CDPD-56320: Backport PHOENIX-6953 Creating indexes on a table with old indexing leads to inconsistent co-processors
  • CDPD-56269: Backport PHOENIX-6944 Randomize mapper task ordering for Index MR tools
  • CDPD-56232: Backport HIVE-27271 and HIVE-27308 issues to avoid exposing client keystore and truststore passwords in the JDBC URL
  • CDPD-55980: [7.1.8 CHFx CLONE] - Alter view command allowed even when user has a deny policy on the underlying table
  • CDPD-55608: Hadoop - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
  • CDPD-55580: Events related to non-proxied services cause Knox to perform a topology redeploy
  • CDPD-55416: Knox - Upgrade json-smart to 2.4.10 due to CVE-2023-1370
  • CDPD-53819: Increase default Zeppelin RPC connection pool size based on ZEPPELIN-5005
  • CDPD-53811: Zeppelin - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
  • CDPD-53809: Knox - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
  • CDPD-50694: DAG details are not available in query
  • CDPD-50367: [7.1.8.x] - Ranger - Upgrade snakeyaml due to CVE-2022-1471
  • CDPD-46463: Hue - Update Python-ldap to 3.4.3 due to CVE-2021-46823
  • CDPD-46312: cx_Oracle is missing from Hue on 7.1.8 release which is needed
  • CDPD-44419: Hue - Upgrade jquery-ui to 1.13.2 due to CVE-2022-31160
  • CDPD-43984: Local file import errors with BAd Request(400) with XLSX file format
  • CDPD-41982: Yarn - Upgrade Guava: Google Core Libraries for Java to v28.2/31.1-jre due to CVEs
  • HDFS-17045 - File renamed from a snapshottable dir to a non-snapshottable dir cannot be deleted.
  • TSB 2023-666: Out of order HDFS snapshot deletion may delete renamed/moved files, which may result in data loss.
Table 1. Cloudera Runtime 7.1.8.36 (Cumulative Hotfix 10) download URL:
Parcel Repository Location 
https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.8.36/parcels/

Technical Service Bulletin

TSB 2024-775: FileNotFoundException for Ozone Filesystem JAR during or after CDP installation or upgrade
A potential availability issue has been found with services that have an Ozone client dependency on the ozone-filesystem-hadoop3 fat JAR file when upgrading the Cloudera Data Platform (CDP) Private Cloud Base cluster from version 7.1.8 to 7.1.9. This issue may also affect service installations, runs, and restarts during or after the CDP Private Cloud Base installation or upgrade.
The following exception appears on the Cloudera Manager User Interface (UI) or in the log files of the respective service when an installation, upgrade or other operations fail due to this issue: `java.io.FileNotFoundException: /path/to/ozone-filesystem-hadoop3-<version>.jar (No such file or directory).
The failure is caused by the broken symbolic link: /var/lib/hadoop-hdfs/ozone-filesystem-hadoop3.jar. This issue arises if the hdfs user already exists on the node before the Cloudera Runtime parcel activation. When the hdfs user already exists on the node, the Cloudera Manager agent skips the initialization related to Hadoop Distributed File System (HDFS), which includes creating the /var/lib/hadoop-hdfs directory. As the path is not created, the symbolic link cannot be created during the parcel activation process. This results in a series of broken symbolic links that point to the Ozone binaries.
Knowledge article
For the latest update on this issue see the corresponding Knowledge Article: TSB 2024-775: FileNotFoundException for the Ozone FS JAR during or after installation or upgrade