Cumulative hotfix CDP PvC Base 7.1.8.61-1 (Cumulative hotfix24)
Know more about the cumulative hotfix 24 for CDP 7.1.8. This cumulative hotfix was released on May 28, 2024.
Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p61.53483863.
- COMPX-16624: YARN-11191 Global Scheduler refreshQueue caused deadLock
- Fixed a potential deadlock in the preemption manager (refreshQueue).
- COMPX-16616: YARN-11684 PriorityQueueComparator violates general contract
- Fixed the Comparison method violates its general contract error in the PriorityUtilizationQueueOrderingPolicy.
- CDPD-69814, CDPD-69816, CDPD-69811, CDPS-69629, CDPD-69628: test_refresh_invalidate_events failed after IMPALA-11808 due to missing IMPALA-8592
- Fixed an issue caused by incorrectly resolved merge conflict while backporting Impala patches.
- CDPD-69579: Backport PHOENIX-6687 to 7.1.8 CHF24
- The region server hosting the SYSTEM.CATALOG, failed to serve metadata requests as default handler pool threads were exhausted. This issue is now resolved.
- CDPD-69310: [7.1.8 CHF24 CLONE] - Enhance handling of subAccess authorization in Ranger HDFS plugin
- Enhanced the handling of subAccess authorization in Ranger HDFS plugin.
- CDPD-69271: Ranger override policy is not working
- The override policy in Ranger was not working after an upgrade. This issue is now resolved.
- CDPD-69000: Backport Impala's event processor critical fixes to CDH-7.1.8.x branch
- Critical fixes are backported to Impala's event processor.
- CDPD-68796: Zeppelin - Upgrade Apache Maven to 3.8.6 due to CVE-2021-26291
- Upgraded the Apache Maven version to 3.8.6 to resolve CVE-2021-26291. Now, HTTP (non-SSL) repository references in Project Object Model (POM) files are no longer followed, thereby mitigating the risks of malicious code injection.
- CDPD-68683: The Table Browser should not fetch column comments for each column
- A table with thousand of columns did not respond in Table Browser. This issue is now resolved.
- CDPD-68596: IMPALA-12969 DeserializeThriftMsg may leak JNI resources
- In Java Native Interface (JNI)
GetByteArrayElementsmust be followed by aReleaseByteArrayElementscall, but this did not occur when there was an error during deserialization. This issue is now resolved. - CDPD-68489: Ranger - Upgrade jline version to 3.25.1 due to CVE-2023-50572
- Upgraded the jline version to 3.25.1 due to CVE-2023-50572.
- CDPD-68256: CDPD - Upgrade commons-configuration2 to 2.10.1 due to CVE-2024-29133 and CVE-2024-29131
- Upgraded the commons-configuration2 package version to 2.10.1 due to CVE-2024-29133 and CVE-2024-29131.
- CDPD-68255: Ozone - Upgrade commons-configuration2 to 2.10.1 due to CVE-2024-29133 and CVE-2024-29131
- Upgraded commons-configuration2 package version to 2.10.1 due to CVE-2024-29133 and CVE-2024-29131.
- CDPD-67224: Ozone - Upgrade Spring Framework to 6.1.6/6.0.19/5.3.34 due to CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262
- Upgraded the Spring Framework version to 5.3.34 due to CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262.
- CDPD-64234: Ozone - Upgrade Apache Derby to 10.17.1.0 due to CVE-2022-46337
- Upgraded the Apache Derby version to 10.14.3.0 due to CVE-2022-46337.
There are no Common Vulnerabilities and Exposures (CVE) fixed in this release.
| Repository Location |
|---|
|
