Cloudera Docs

Cumulative hotfix CDP PvC Base 7.1.8.11-3 (Cumulative hotfix3)

Know more about the cumulative hotfix 3 for 7.1.8. This cumulative hotfix was released on December 14, 2022.

Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p11.35002917

  • CDPD-16009 Hadoop - Bump netty3 dependency up to netty4

  • CDPD-31901 Impala's access to Ozone is single-threaded
  • CDPD-41346 impala-shell package can not be used with python 3
  • CDPD-41725 Phoenix - Upgrade Apache Ant to 1.10.12 due to high CVEs
  • CDPD-41895 HBase - Upgrade Bouncy Castle to 1.70 due to medium CVEs
  • CDPD-42025 Impala - Upgrade jackson-databind to 2.13.3 due to high CVEs
  • CDPD-42091 Avatica - Upgrade JUnit to 4.13.2 due to medium CVEs
  • CDPD-43490 Hive Security - Upgrade jackson-databind to 2.12.7.1 due to critical CVEs
  • CDPD-43510 Hive Security - Upgrade Scala to 2.13.8 due to high CVEs
  • CDPD-44880 RMS fails to process table rename correctly.
  • CDPD-45206 Avatica - Upgrade Kerby from 1.1.1 to 2.0.2+
  • CDPD-45247 RMS fails to process Alter operation on Managed tables when table is renamed
  • CDPD-45288 RMS fails to process Alter operation on External tables when hdfs path of a table is updated
  • CDPD-45375 Atlas :- Upgrade snakeyaml to 1.32 due to high CVEs
  • CDPD-45387 Knox - Upgrade snakeyaml to 1.32 due to high CVEs
  • CDPD-45533 AuditFileSpool logs out all events that were not audited successfully
  • CDPD-45575 Zeppelin - Upgrade jettison to 1.5.1 due to CVE-2022-40149, CVE-2022-40150
  • CDPD-45845 Schema Registry - Upgrade Scala to 2.13.9 due to CVE-2022-36944
  • CDPD-45862 yarn - Upgrade DataTables to 1.11.5 due to high CVEs
  • CDPD-45899 [7.1.8 CHF3 CLONE] - RMS fails to process table rename correctly.
  • CDPD-45900 [7.1.8 CHF3 CLONE] - RMS fails to process Alter operation on Managed tables when table is renamed
  • CDPD-45901 [7.1.8 CHF3 CLONE] - RMS fails to process Alter operation on External tables when hdfs path of a table is updated
  • CDPD-45987 Backport HIVE-26633 to CDH-7.1.8.x
  • CDPD-46025 [7.1.8 CHF2/3 CLONE] - change sync_source column datatype from varchar to text
  • CDPD-46026 [718 CHF3 CLONE] - Upgrade jquery-ui to 1.13.2
  • CDPD-46131 Fix table creation with HMS Integration
  • CDPD-46223 [7.1.8 CHF3 ] : Add 'preload' directive to HSTS header
  • CDPD-46369 [7.1.8 CHF3 CLONE] - Ranger service Failure [python3]
  • CDPD-46409 Atlas - Upgrade Spring-security to 5.6.9/ 5.7.5 due to CVE-2022-31692, CVE-2022-31690
  • CDPD-46421 [7.1.8 CHF3 CLONE] - Ranger - Upgrade Spring-security to 5.6.9/ 5.7.5 due to CVE-2022-31692, CVE-2022-31690
  • CDPD-46488 Backport Ozone bug fixes to enable Impala for Mastercard in 7.1.8 CHF3 [Ozone side]
  • CDPD-46495 [7.1.8 CHF3 CLONE] Upgrade snakeyaml to 1.32 in ranger-plugins-audit
  • CDPD-46498 [7.1.8 CHF3 CLONE] Ranger - Upgrade jettison to 1.5.1 due to CVE-2022-40149, CVE-2022-40150
  • CDPD-46525 [7.1.8 CHF3] [RANGER-3913] Reduce number of calls to FilenameUtils.wildcardMatch() when evaluating resource matching
  • CDPD-46530 Spark - Upgrade Apache Ivy to 2.5.1 due to CVE-2022-37865, CVE-2022-37866
  • CDPD-46531 CPX, config-service 7.1.8 CHF3 - Upgrade dropwizard and jackson
  • CDPD-46532 PvC - WEBHDFS operation on Namenode UI via knox fails when HDFS in HA
  • CDPD-46569 Atlas - Upgrade Apache Ivy to 2.5.1 due to CVE-2022-37865, CVE-2022-37866
  • CDPD-46580 [7.1.8 CHF3 CLONE] Ranger - Upgrade protobuf-java to 3.21.7 due to CVE-2022-3171
  • CDPD-46628 Phoenix - Exclude Tomcat Embed Core from Apache Thrift due to high CVEs
  • CDPD-46666 Knox - Upgrade commons-codec to 1.13 or higher
  • CDPD-46670 SRM - Upgrade commons-codec to 1.13 or higher
  • CDPD-46673 Kafka_connect_ext - Upgrade commons-codec to 1.13 or higher
  • CDPD-46675 Hbase - Upgrade commons-codec to 1.13 or higher
  • CDPD-46679 Impala - Upgrade Woodstox to 5.4.0/6.4.0 due to multiple CVEs
  • CDPD-46739 [7.1.8 CHF3 CLONE] - Ranger - Upgrade Woodstox to 5.4.0/6.4.0 due to multiple CVEs
  • CDPD-46740 [7.1.8 CHF3 CLONE] - Ranger - Upgrade wildfly-openssl to 1.1.3.Final/1.1.3.Final+ due to CVE-2020-25644
  • CDPD-46741 [7.1.8 CHF3 CLONE] - Ranger - Upgrade commons-codec to 1.13 or higher
  • CDPD-46746 [7.1.8 CHF3 CLONE] - AuditFileSpool logs out all events that were not audited successfully
  • CDPD-46768 Dependency convergence error in Zeppelin due to stax2-api from Hadoop
  • CDPD-46779 Fix requirements.txt logic for Python3 project which includes PPC and nonPPC platform
  • CDPD-46805 [7.1.8 CHF 3] - Restrict scripts from accessing Java classes and methods
  • CDPD-46827 Add virtualenv-make-relocatable in the pip install
  • CDPD-46875 Improve Hue PPC build script and RPM spec file
  • CDPD-46877 Backport 'HDDS-7453. Check certificate expiration at service startup, renew if necessary'
  • CDPD-46891 Python files in phoenix-queryserver are not compatible with python3
  • CDPD-46943 Schemaregistry needs an upgrade due to EOL and CVEs on jackson-mapper-asl
  • CDPD-46945 Backport HIVE-26481 to CDH-7.1.8.x
  • CDPD-46958 Backport HIVE-26761 to CDH-7.1.8.x
  • CDPD-46987 In Hue Makefile, pin specific pip, virtualenv python packages version
  • CDPD-47037 RM UI redirect link to the Spark3 History Server fails
  • CDPD-47056 Fix Ranger TagRest API deleteTagResourceMapByGuid
  • CDPD-47107 Multiple Oozie unit tests fails after netty upgrade on 7.1.7.2000
  • COMPX-12488 Queue Manager 7.1.8 CHF3 - Upgrade jackson-databind to 2.13.3 due to high CVEs
  • COMPX-12560 Fix JSON formatting in the RM tests

  • KT-7410 - [7.1.8 CHF3] - Key HSM - Upgrade jackson-databind to 2.13.3 due to high CVEs

  • KT-7421- [7.1.8 CHF3] Keytrustee-keyhsm - Upgrade commons-codec to 1.13 or higher

  • KT-7423- Key HSM - Upgrade Spring Framework, google-gson, Bouncy Castle and Jetty due to CVEs

  • CDPD-41758 HBase - Upgrade Apache Commons BeanUtils to 1.9.4 due to high CVEs
  • CDPD-42043 CDPD - Upgrade jackson-databind to 2.12.7.1 due to CVEs
  • CDPD-44768 CDPD-44399 Migrate to reload4j in the search repository
  • CDPD-45376 Hadoop - Upgrade snakeyaml to 1.32 due to high CVEs
  • CDPD-45963 Oozie and Sqoop CVE backport from 7.1.7 SP2 to 7.1.8 CHF 3 umbrella ticket
  • CDPD-46822 CDPD-46610 Ozone - Upgrade woodstox on branch CDH-7.1.8.x
  • CDPD-40475 Upgrade Spring Framework to 5.3.20 due to CVE-2022-22971, CVE-2022-22970, CVE-2022-22968
  • CDPD-46894 Replace JUnit5 assertEquals with JUnit4 in TestSSLZookeeperFactoryArguments
    Table 1. Cloudera Runtime 7.1.8.11 (Cumulative Hotfix 3) download URL:
    Parcel Repository Location 
    https://[username]:[password]@archive.cloudera.com/p/cdh7/7.1.8.11/parcels/