Cumulative hotfix 2

Learn more about cumulative hotfix 2.

This cumulative hotfix was released on Nov 28.

The following fixes were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p8.34508617:
  • CDPD-45893 - Arrow - Upgrade to jackson 2.12.7

  • CDPD-46242 - Atlas - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889 for 7.1.8-CHF2

  • CDPD-42049 - Avatica - Upgrade Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server to 9.4.48.v20220622/11.0.11 due to medium CVEs

  • CDPD-42015 - Avatica - Upgrade jackson-databind to 2.12.7 due to high CVEs

  • CDPD-45733 - CDPD - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-42104 - CDPD - Upgrade JUnit to 4.13.2 due to medium CVEs

  • CDPD-45726 - Upgrade Shiro to 1.10.0 due to CVE-2022-40664

  • CDPD-37401 - Upgrade Spring Framework to 5.3.18 due to CVE-2022-22963, CVE-2022-22965

  • CDPD-45727 - CDPD - Upgrade Shiro to 1.10.0 due to CVE-2022-40664

  • CDPD-45853 - Cruise Control - Upgrade Scala to 2.13.9 due to CVE-2022-36944

  • CDPD-45803 - Cruise Control - Upgrade kotlin to 1.6.0 or later due to CVE-2022-24329 for SP2

  • CDPD-42021 - Curator - Upgrade jackson-databind to 2.13.3 due to high CVEs

  • CDPD-42408 - Curator - Upgrade RESTEasy to 2.3.23.Final-redhat-1/3.15.3.Final-redhat-00001 due to high CVEs

  • CDPD-41932 - DAS - Upgrade google-gson to 2.9.0 due to high CVEs

  • CDPD-42018 - DAS - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to high CVEs

  • CDPD-42068 - DAS - Upgrade json-smart to 2.4.8 due to critical CVEs

  • CDPD-26797 - DAS - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-46258 - Build fails (hadoop pipes) on newer Linux envs - Sles15 Sp4

  • CDPD-46149 - sonatype-2022-5732- hadoop-hdfs-client is vulnerable to XML External Entity (XXE) attacks

  • CDPD-45571 - Hadoop - Upgrade jettison to 1.5.1 due to CVE-2022-40149, CVE-2022-40150

  • CDPD-46788 - Backport HADOOP-18484 to branch CDH-7.1.8.x

  • CDPD-45910 - Modify slf4j-log4j12 symlinks to point to the correct log4j/reload4j binding

  • CDPD-46366 - Disable prefetching/readahead in AbfsInputStream.

  • CDPD-41933 - HBase - Upgrade google-gson to 2.9.0 due to high CVEs

  • CDPD-46404 - COD Cluster creation is failing due to reload4j dependency

  • CDPD-42178 - HBase - Upgrade Spring Framework to 4.3.30.RELEASE/5.3.21 due to critical CVEs

  • CDPD-46553 - Hbase-solr - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due to CVE-2022-3171

  • CDPD-44769 - migrate to reload4j in the hbase-indexer repository

  • CDPD-45443 - Backport HIVE-25848: Empty result for structs in point lookup optimization with vectorization on

  • CDPD-45199 - Hive - Prepare for Hadoop switching to Reload4j

  • CDPD-40779 - Hive - Upgrade netty to 4.1.77 due to CVE-2022-24823

  • CDPD-43485 - Hive Security - Upgrade Bouncy Castle to 1.70 due to high CVEs

  • CDPD-45572 - Hive - Upgrade jettison to 1.5.1 due to CVE-2022-40149, CVE-2022-40150

  • CDPD-46475 - Backport HIVE-26612 to CDH-7.1.8.x

  • CDPD-45911 - Backport HIVE-22978 to CDH-7.1.8.x

  • CDPD-45685 - Backport HIVE-22746 to CDH-7.1.8.x

  • CDPD-46588 - Backport HIVE-24188 to CDH-7.1.8.x

  • CDPD-46589 - Backport HIVE-25813 to CDH-7.1.8.x

  • CDPD-46598 - Backport ORC-203 to CDH-7.1.8.x

  • CDPD-46623 - Backport ORC-422 to CDH-7.1.8.x

  • CDPD-46764 - Fix qtest output for HIVE after ORC-203 on CDH-7.1.8.x

  • CDPD-46590 - Backport HIVE-26352 to CDH-7.1.8.x

  • CDPD-46591 - Backport HIVE-26433 to CDH-7.1.8.x

  • CDPD-46596 - Backport ORC-1078 to CDH-7.1.8.x

  • CDPD-45987 - Backport HIVE-26633 to CDH-7.1.8.x

  • CDPD-46604 - Backport CDPD-33992 to 7.1.8 CHF2

  • CDPD-46605 - Backport CDPD-45134 to 7.1.8 CHF2

  • CDPD-45826 - Hue - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-45954 - Backport IMPALA-11674 to 7.1.8 cumulative hotfix

  • CDPD-45993 - Backport IMPALA-10821 to 7.1.8 to fix a test failure due to IMPALA-9338

  • CDPD-46726 - Backport Impala changes of HOTFIX-5356 to 7.1.8 CHF2

  • CDPD-46303 - Backport IMPALA-11669 to 7.1.8 cumulative hotfix

  • CDPD-46405 - Backport IMPALA-11669 to 7.1.8 cumulative hotfix

  • CDPD-44372 - Impala - Upgrade Spring Framework to 5.3.20 due to multiple CVEs

  • CDPD-46032 - Backport Impala changes of HOTFIX-5335 to 7.1.8.x

  • CDPD-43860 - Impala - Upgrade postgresql to 42.2.26 / 42.4.1 due to CVE-2022-31197

  • CDPD-45846 - Kafka - Upgrade Scala to 2.13.9 due to CVE-2022-36944

  • CDPD-45804 - Kafka Connect - Upgrade kotlin to 1.6.0 or later due to CVE-2022-24329 for SP2

  • CDPD-42947 - Replace log4j1 to reload4j

  • CDPD-42028 - Knox - Upgrade jackson-databind to 2.13.3 due to high CVEs

  • CDPD-45349 - Server Side Request Forgery - Knox - Host Parameter

  • CDPD-45191 - Login on Knox UI doesn't work when the password contains special character

  • CDPD-45764 - Knox - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-45588 - Failover for kudu master is not working due to kudu-3387

  • CDPD-46508 - Backport ORC-438 to CDH-7.1.8.x

  • CDPD-46663 - Ozone - Upgrade commons-codec to 1.13 or higher

  • CDPD-42156 - Ozone - Upgrade Protocol Buffer Java API to 2.6.1/3.21.2 due to medium CVEs

  • CDPD-46452 - CVEs in Prometheus/Go

  • CDPD-29099 - Ozone - Replace log4j 1.x with reload4j

  • CDPD-42030 - Ozone - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to high CVEs

  • CDPD-45377 - Ozone - Upgrade snakeyaml to 1.32 due to high CVEs

  • CDPD-42367 - Ozone - Upgrade Jersey to 2.36/3.0.5 due to medium CVEs

  • CDPD-41947 - Phoenix - Upgrade google-gson to 2.9.0 due to high CVEs

  • CDPD-46304 - Set explicit netty dependency for Phoenix Omid for testing

  • CDPD-46046 - Phoenix Omid - Replace log4j 1.x with reload4j

  • CDPD-46524 - Disable endlessly running test in omid

  • CDPD-45382 - Phoenix Omid - Upgrade snakeyaml to 1.32 due to high CVEs

  • CDPD-42057 - Phoenix - Upgrade Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server to 9.4.48.v20220622/11.0.11 due to critical CVEs

  • CDPD-42031 - Phoenix - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to critical CVEs

  • CDPD-29100 - Phoenix - Replace log4j 1.x with reload4j

  • CDPD-45390 - CPX - Upgrade snakeyaml to 1.33 due to high CVEs

  • CDPD-46618 - CPX - Upgrade jersey to 2.35/3.0.2 due to CVE

  • CDPD-46629 - [Config Service] Upgrade Apache Commons Text to 1.10.0 due to CVE

  • CDPD-46059 - Backport RANGER-3916 (Ranger UI fails to open when the Ranger admin domain name includes "service" keyword in it.) to 7.1.8 CHF2

  • CDPD-46490 - 7.1.8 CHF2 CLONE - Ranger - Upgrade opencsv to 5.7.1 to stop pulling affected version of commons-text

  • CDPD-46025 - [7.1.8 CHF2/3 CLONE] - change sync_source column datatype from varchar to text

  • CDPD-46850 - Starting Ranger RMS fails with NoClassDefFoundError

  • CDPD-46058 - Backport RANGER-3864 (Spurious creation of service-resource objects in Ranger) to 7.1.8 CHF2

  • CDPD-47056 - Fix Ranger TagRest API deleteTagResourceMapByGuid

  • CDPD-42163 - Ratis - Upgrade Protocol Buffer Java API to 2.6.1/3.21.2 due to medium CVEs

  • CDPD-41951 - Ratis - Upgrade google-gson to 2.9.0 due to high CVEs

  • CDPD-46068 - Backport CDPD-18529 to CDP 7.1.8.x

  • CDPD-46006 - Schema Registry - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-46555 - Search - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due to CVE-2022-3171

  • CDPD-45765 - SMM - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • CDPD-45378 - SMM - Upgrade snakeyaml to 1.32 due to high CVEs

  • CDPD-46554 - Solr - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due to CVE-2022-3171

  • CDPD-45967 - Solr - Upgrade hsqldb to 2.7.1 due to CVE-2022-41853

  • CDPD-17800 - Use external version of commons-text in Solr

  • CDPD-45380 - Spark - Upgrade snakeyaml to 1.32 due to high CVEs // 7.1.8 CHF2

  • CDPD-46189 - Spark should use the common external version of "io.dropwizard.metrics"

  • CDPD-46306 - CVE-2022-31777: Apache Spark XSS vulnerability in log viewer UI Javascript

  • CDPD-46096 - Backport CDPD-44019 to 7.1.8 cumulative hotfix

  • CDPD-42038 - Spark Atlas Connector - Upgrade jackson-databind to 2.13.3 due to critical CVEs

  • CDPD-44440 - Hadoop - Upgrade jquery-ui to 1.13.2 due to CVE-2022-31160

  • CDPD-41909 - Zeppelin - Upgrade Bouncy Castle to 1.70 due to medium CVEs

  • CDPD-45885 - Zeppelin - Upgrade Spring Framework to 5.3.21 due to CVEs - for 7.1.8 CHF

  • CDPD-42042 - Zeppelin - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to high CVEs

  • CDPD-41780 - Zeppelin - Upgrade Apache Commons Compress to 1.21.0 due to high CVEs

  • CDPD-32180 - Zeppelin - Upgrade spring-security version to 5.3.8.RELEASE due to CVE

  • CDPD-29105 - Zookeeper - Replace log4j 1.x with reload4j

  • COMPX-12340 - CPX [Config-Store] Upgrade snakeyaml to 1.33 due to high CVEs

  • COMPX-12246 - Config Service - Upgrade Apache Commons Text to 1.10.0 due to CVE-2022-42889

  • COMPX-12228 - QM - Upgrade jersey to 2.35 / 3.0.2 due to CVE-2021-28168

  • COMPX-12341 - CPX [QM] Upgrade snakeyaml to 1.33 due to high CVEs

  • COMPX-12391 - QM 7.1.8 CHF2 - Delete queue throws error when custom placement is set with queue name in Queue Manager

  • TSB 2022-640 - Apache Hive job fails with large partitioned tables

Download URL: https://archive.cloudera.com/p/cdh7/7.1.8.8