Cumulative hotfix CDP Private Cloud Base 7.1.8.65-1 (Cumulative hotfix26)

Know more about the cumulative hotfix 26 for CDP 7.1.8. This cumulative hotfix was released on August 2, 2024.

Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p65.55816070.

KT-7572, KT-7568: 7.1.8.x Keytrustee-keyhsm build failed on CentOS 7
Change in docker image for CentOS 7 resulted in build failure for KeyHSM. This issue is now resolved and changes are now made by downloading and installing necessary packages to pass the build and generate packages.
CDPD-72040: Backport IMPALA-13170 to 7.1.8: Ops listing databases/tables should handle database that does not exist
An error message InconsistentMetadataFetchException occured when running show databases in Impala while simultaneously executing drop database to drop the newly created database in Hive. This issue is now resolved.
CDPD-71943: [718 CHF CLONE] - Deleted resource mapping is not removed from the plugin's cache

When a Hive database/table is removed, corresponding resource-mapping is removed from the plugin's in-memory cache.

When a storage (HDFS/Ozone/S3) is configured to use Resource Mapping Server (RMS), the storage locations of Hive/Impala database/table objects are maintained by the RMS server, and provided to the Ranger authorizer running in the storage service. This feature ensures that when a Hive database/table is removed, mapping information for the removed object is cleared from the resource-mappings provided to the storage service.

CDPD-71851: Backport IMPALA-13130 to 7.1.8 CHF
Under heavy load, Impala reached maximum memory for Data Stream operations and DataStreamService could not differentiate between types of requests and rejected requests. This issue is now resolved and EndDataStream is prioritized, especially under heavy load, to complete work and release resources more quickly.
CDPD-71580: Workaround needed for Bootbox due to CVE-2023-46998
Bootbox.js library was outdated. It is now removed and a new library Bootprompt is now used.
CDPD-69970: Support custom delimiter in SkippingTextInputFormat
Previously, when select count or any query was executed, the whole text was considered as a single line. This issue is now resolved and a custom delimiter in SkippingTextInputFormat is now supported.
CDPD-69782: Users observing role change from ROLE_SYS_ADMIN to ROLE_USER
The updateUserRoleAssignments function in Ranger-admin reset the role of the user from admin to user role for users which were part of the request but were not part of the same page when paged requests were sent to Ranger-admin from Ranger-usersync. This issue is now resolved.
CDPD-69084: Fulltext search with special queries fails if Atlas is not active
Fixed redirected URLs to handle Fulltext search with special queries.
CDPD-68849: Set kerberosEnableCanonicalHostnameCheck=false in Beeline on CDP Private Cloud Base
Previously, there was no support when using Kerberos authorisation when connecting to the Hive Virtual Warehouse (VW) using Private Cloud Base Beeline. This issue is now resolved and kerberosEnableCanonicalHostnameCheck is now set to false.
CDPD-68490: Zeppelin: Upgrade JLine to 3.25.1 due to CVE-2023-50572
Upgraded the JLine version to 3.25.1 due to CVE-2023-50572.
CDPD-57994: Hue import not creating external tables
Previously, there was restriction to create only managed tables with Parquet and Optimized Row Columnar (ORC) formats. This issue is now resolved and external tables can now be created.
CDPD-48047: Hue - Upgrade Bouncy Castle to 1.70 due to security CVE
Upgraded the Bouncy Castle version to 1.70 due to security CVE.
CDPD-45484: Enable support passphrase supported SSL Keyfile in KNOWN location
Passphrase is now supported for Secure Sockets Layer (SSL) Keyfile and a tmpfile() is now generated in the HUE_CONF_DIR directory.
Common Vulnerabilities and Exposures (CVE) fixed in this release:
  • CVE-2023-45857 - Axios
Table 1. Cloudera Runtime 7.1.8.65 (Cumulative Hotfix 26) download URL:
Repository Location
https://[[***USERNAME***]]:[[***PASSWORD***]]@archive.cloudera.com/p/cdh7/7.1.8.65/parcels/

Technical Service Bulletin

TSB 2024-775: FileNotFoundException for Ozone Filesystem JAR during or after CDP installation or upgrade
A potential availability issue has been found with services that have an Ozone client dependency on the ozone-filesystem-hadoop3 fat JAR file when upgrading the Cloudera Data Platform (CDP) Private Cloud Base cluster from version 7.1.8 to 7.1.9. This issue may also affect service installations, runs, and restarts during or after the CDP Private Cloud Base installation or upgrade.
The following exception appears on the Cloudera Manager User Interface (UI) or in the log files of the respective service when an installation, upgrade or other operations fail due to this issue: `java.io.FileNotFoundException: /path/to/ozone-filesystem-hadoop3-<version>.jar (No such file or directory).
The failure is caused by the broken symbolic link: /var/lib/hadoop-hdfs/ozone-filesystem-hadoop3.jar. This issue arises if the hdfs user already exists on the node before the Cloudera Runtime parcel activation. When the hdfs user already exists on the node, the Cloudera Manager agent skips the initialization related to Hadoop Distributed File System (HDFS), which includes creating the /var/lib/hadoop-hdfs directory. As the path is not created, the symbolic link cannot be created during the parcel activation process. This results in a series of broken symbolic links that point to the Ozone binaries.
Knowledge article
For the latest update on this issue see the corresponding Knowledge Article: TSB 2024-775: FileNotFoundException for the Ozone FS JAR during or after installation or upgrade