Cumulative hotfix CDP PvC Base 7.1.8.58-1 (Cumulative hotfix21)

Know more about the cumulative hotfix 21 for 7.1.8. This cumulative hotfix was released on March 22, 2024.

Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p58.51337120

  • CDPD-67559: Backport YARN-11639 COMPX-15776 to 7.1.8.x
  • CDPD-67313: [7.1.x] Timezone value not getting updated in Livy
  • CDPD-67225: Zeppelin - Upgrade Spring Framework to 6.1.4/6.0.17/5.3.32 due to CVE-2024-22243
  • CDPD-67220: [Regression] Oozie https notification fails if SSL is not set in Oozie
  • CDPD-67116: [7.1.8.x] Backport KAFKA-13988: Mirrormaker 2 auto.offset.reset=latest not working
  • CDPD-66936: [7.1.8] Ranger kms is using non-centralized jackson-datatype-joda version
  • CDPD-66927: HDFS authorization logic for directory hierarchy rooted at "/" is incorrect
  • CDPD-66917: [AUTOSYNC] Bump aws-java-sdk to 1.12.661
  • CDPD-66725: Knox - Upgrade Okio to 3.4.0 due to CVE-2023-3635
  • CDPD-66719: Ranger - Upgrade Spring Security to 5.7.11/5.8.7/6.0.7/6.1.4 due to CVE-2023-34042
  • CDPD-66520: [7.1.8][ranger] Upgrade Guava to 32.0.1 due to CVE-2023-2976
  • CDPD-66417: Upgrade Prometheus to 2.45.3 due to CVEs
  • CDPD-66274: Postgres docker image changed under the tag 12, causing UT failures
  • CDPD-66162: Phoenix Connectors - Upgrade Guava to 32.0.1 due to CVE-2023-2976
  • CDPD-66080: HBase-Solr - Use the centralized derby version
  • CDPD-66078: Search - Use the centralized derby version
  • CDPD-64626: CLONE - Ranger - Upgrade aws-java-sdk-bundle to 1.12.599 due to CVE-2023-44487
  • CDPD-63762: Oozie - Upgrade JGit to 5.13.3.202401111512-r/6.6.1.202309021850/6.7.0.202309050840 due to CVE-2023-4759
  • CDPD-56724: Oozie web console is allowing access to list directories
  • CDPD-44220: Livy - Missing deploy mode param at Spark submit
Common Vulnerabilities and Exposures (CVE) that is fixed in this CHF:
Table 1. Cloudera Runtime 7.1.8.58 (Cumulative Hotfix 21) download URL:
Parcel Repository Location
https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.8.58/parcels/

Technical Service Bulletin

TSB 2024-775: FileNotFoundException for Ozone Filesystem JAR during or after CDP installation or upgrade
A potential availability issue has been found with services that have an Ozone client dependency on the ozone-filesystem-hadoop3 fat JAR file when upgrading the Cloudera Data Platform (CDP) Private Cloud Base cluster from version 7.1.8 to 7.1.9. This issue may also affect service installations, runs, and restarts during or after the CDP Private Cloud Base installation or upgrade.
The following exception appears on the Cloudera Manager User Interface (UI) or in the log files of the respective service when an installation, upgrade or other operations fail due to this issue: `java.io.FileNotFoundException: /path/to/ozone-filesystem-hadoop3-<version>.jar (No such file or directory).
The failure is caused by the broken symbolic link: /var/lib/hadoop-hdfs/ozone-filesystem-hadoop3.jar. This issue arises if the hdfs user already exists on the node before the Cloudera Runtime parcel activation. When the hdfs user already exists on the node, the Cloudera Manager agent skips the initialization related to Hadoop Distributed File System (HDFS), which includes creating the /var/lib/hadoop-hdfs directory. As the path is not created, the symbolic link cannot be created during the parcel activation process. This results in a series of broken symbolic links that point to the Ozone binaries.
Knowledge article
For the latest update on this issue see the corresponding Knowledge Article: TSB 2024-775: FileNotFoundException for the Ozone FS JAR during or after installation or upgrade