Cumulative hotfix CDP PvC Base 7.1.8.36-4 (Cumulative hotfix10)

Know more about the cumulative hotfix 10 for 7.1.8. This cumulative hotfix was released on June 19, 2023.

Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p36.42193080
  • CDPD-56871: IMPALA-12114: Fixes SSL Thrift idle disconnect (THRIFT-5705)
  • CDPD-57018: Ranger - Upgrade aws-java-sdk to 1.12.367+
  • CDPD-56818: Phoenix - Upgrade gson to 2.9.1 due to CVE-2022-25647
  • CDPD-56737: Ranger - Upgrade Tomcat to 8.5.89 due to CVE-2023-28709
  • CDPD-56693: Hue PAM authentication will fail with PAM_AUTH_ERR or PAM_SYSTEM_ERR
  • CDPD-56586: [AUTOSYNC] Bump sqlite-jdbc to 3.41.2.2
  • CDPD-56487: Hue workers are not getting DB connection and causing is_alive calls to fails with "ORA-03135/ORA-03113/ORA-03114"
  • CDPD-56320: Backport PHOENIX-6953 Creating indexes on a table with old indexing leads to inconsistent co-processors
  • CDPD-56269: Backport PHOENIX-6944 Randomize mapper task ordering for Index MR tools
  • CDPD-56232: Backport HIVE-27271 and HIVE-27308 issues to avoid exposing client keystore and truststore passwords in the JDBC URL
  • CDPD-55980: [7.1.8 CHFx CLONE] - Alter view command allowed even when user has a deny policy on the underlying table
  • CDPD-55608: Hadoop - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
  • CDPD-55580: Events related to non-proxied services cause Knox to perform a topology redeploy
  • CDPD-55416: Knox - Upgrade json-smart to 2.4.10 due to CVE-2023-1370
  • CDPD-53819: Increase default Zeppelin RPC connection pool size based on ZEPPELIN-5005
  • CDPD-53811: Zeppelin - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
  • CDPD-53809: Knox - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
  • CDPD-50694: DAG details are not available in query
  • CDPD-50367: [7.1.8.x] - Ranger - Upgrade snakeyaml due to CVE-2022-1471
  • CDPD-46463: Hue - Update Python-ldap to 3.4.3 due to CVE-2021-46823
  • CDPD-46312: cx_Oracle is missing from Hue on 7.1.8 release which is needed
  • CDPD-44419: Hue - Upgrade jquery-ui to 1.13.2 due to CVE-2022-31160
  • CDPD-43984: Local file import errors with BAd Request(400) with XLSX file format
  • CDPD-41982: Yarn - Upgrade Guava: Google Core Libraries for Java to v28.2/31.1-jre due to CVEs
  • HDFS-17045 - File renamed from a snapshottable dir to a non-snapshottable dir cannot be deleted.
  • TSB 2023-666: Out of order HDFS snapshot deletion may delete renamed/moved files, which may result in data loss.
Table 1. Cloudera Runtime 7.1.8.36 (Cumulative Hotfix 10) download URL:
Parcel Repository Location
https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.8.36/parcels/