| Issue |
Description |
| COMPX-13398 |
QM - Replace log4j 1.x with reload4j - 7.1.8.x |
| COMPX-12815 |
Backport YARN-10178 to 7.1.8 CHFx : Crash in global async
scheduler thread |
| COMPX-12803 |
QM 7.1.8 CHF4 - Upgrade Apache Commons Text to 1.10.0 due to
CVE-2022-42889 |
| COMPX-12687 |
Config Store 7.1.8 CHF4 - Remove Apache commons-text
dependency |
| CDPD-49491 |
CPX - Use external versions for reload4j |
| CDPD-48947 |
Ranger Upgrade from 7.2.11 to 7.2.16 failed |
| CDPD-48546 |
CDH-7.1.8.x - Impala build failure - Ubuntu20 |
| CDPD-48420 |
Backport CDPD-42069 to CDH 7.1.8.x |
| CDPD-48362 |
Constantly failing tests in
TopicCommandIntegrationTest |
| CDPD-48352 |
[ranger][replication] Import succeeds but policies were
skipped |
| CDPD-48319 |
Backport IMPALA-10702 |
| CDPD-48318 |
Backport IMPALA-10794 and IMPALA-11401 to 7.1.8 |
| CDPD-48259 |
Ranger Admin landing page via knox proxy is broken after upgrade
|
| CDPD-48244 |
[ranger] [replication] Support policyMatchingAlgorithm parameter
for ranger policy replication |
| CDPD-48232 |
[ranger] [replication] Policy transform step is removing hdfs
execute permission. |
| CDPD-48215 |
Exclude reload4j from Hadoop dependencies |
| CDPD-48210 |
Backport HIVE-26567 to CDH-7.1.8.x |
| CDPD-48209 |
Backport HIVE-26566 to CDH-7.1.8.x |
| CDPD-48207 |
Backport HIVE-26504 to CDH-7.1.8.x |
| CDPD-48206 |
Backport HIVE-26488 to CDH-7.1.8.x |
| CDPD-48205 |
Backport HIVE-26253 to CDH-7.1.8.x |
| CDPD-48204 |
Backport HIVE-25856 to CDH-7.1.8.x |
| CDPD-48203 |
Backport HIVE-25755 to CDH-7.1.8.x |
| CDPD-48202 |
Backport HIVE-25391 to CDH-7.1.8.x |
| CDPD-48201 |
Backport HIVE-25223 to CDH-7.1.8.x |
| CDPD-48193 |
Backport HIVE-26875 to CDH-7.1.8.x |
| CDPD-48152 |
Fix IMPALA-11812 in 7.1.8: Catalogd OOM due to lots of HMS
FieldSchema instances |
| CDPD-48139 |
Backport PARQUET-1744 to CDH-7.1.8.x |
| CDPD-48136 |
Backport HIVE-21599 to CDH-7.1.8.x |
| CDPD-48131 |
Disable TestZookeeperLockManager#testMetrics on
CDH-7.1.8.x |
| CDPD-48129 |
[ranger][replication] If a change is made in the resource field
of a policy on the source cluster, a new policy is created on the target cluster
instead of changing the existing policy |
| CDPD-48119 |
Ranger - Upgrade OWASP Java HTML Sanitizer due to security
CVEs |
| CDPD-48116 |
Disable orc_merge9 on CDH-7.1.8.x |
| CDPD-48097 |
Backport HIVE-23220 to CDH-7.1.8.x |
| CDPD-48092 |
Hue fails to translate Korean langauge |
| CDPD-48055 |
Ranger Replication : Support both JDK 8 and JDK 11 on destination
cluster |
| CDPD-48051 |
Knox - Upgrade Cloudera Manager API due to CVE-2021-29243,
CVE-2021-32482 |
| CDPD-48041 |
Ranger - Upgrade commons-net to 3.9.0 due to
CVE-2021-37533 |
| CDPD-48032 |
Ranger - Upgrade jettison to 1.5.2 due to CVE-2022-45685 and
CVE-2022-45693 |
| CDPD-48008 |
Zeppelin - Upgrade httpclient due to
CVE-2020-13956 |
| CDPD-47992 |
Cruise Control - Upgrade Netty to 4.1.86.Final due to
CVE-2022-41881, CVE-2022-41915 |
| CDPD-47990 |
Kafka - Upgrade Netty to 4.1.86.Final due to CVE-2022-41881,
CVE-2022-41915 |
| CDPD-47989 |
Ranger - Upgrade Netty to 4.1.86.Final due to CVE-2022-41881,
CVE-2022-41915 |
| CDPD-47955 |
[7.1.8 CHF4] - Ranger - Upgrade bootbox to 6.0.0 due to
GHSA-87mg-h5r3-hw88 |
| CDPD-47950 |
Ranger - Upgrade tomcat to 8.5.84/9.0.69+/10.1.2+ due to
CVE-2022-42252, CVE-2022-34305, CVE-2022-45143 |
| CDPD-47909 |
Ranger - Upgrade moment.js to 2.29.4 due to CVE-2022-24785,
CVE-2022-31129 |
| CDPD-47880 |
DAS - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due to
CVE-2022-3171 |
| CDPD-47876 |
HUEQP - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to
high CVEs |
| CDPD-47868 |
[7.1.8 CHF4-CLONE] - Backport RANGER-3593 into
cdpd-master |
| CDPD-47843 |
Backport HIVE-26736 to CDH-7.1.8.x |
| CDPD-47842 |
Backport HIVE-26671 to CDH-7.1.8.x |
| CDPD-47841 |
Backport HIVE-25738 to CDH-7.1.8.x |
| CDPD-47840 |
Backport HIVE-24579 to CDH-7.1.8.x |
| CDPD-47839 |
Backport HIVE-21152 to CDH-7.1.8.x |
| CDPD-47836 |
SMM Data Explorer offset slider 'from offset' doesn't update on
partition change |
| CDPD-47813 |
Atlas - Do the fix for CVE-2022-34271 |
| CDPD-47777 |
Remove unused hadoop.guava.version from HBase
pom.xml |
| CDPD-47745 |
Fix 7.1.8 CHF4 for IMPALA-11753 CatalogD OOMkilled due to
natively allocated memory |
| CDPD-47649 |
impala build failure in 7.1.7.2000 due to
versions:set |
| CDPD-47611 |
Ignore testRollbackForSplitTableRegionWithReplica() in
TestSplitTableRegionProcedure |
| CDPD-47610 |
test_scanners.TestParquet.test_corrupt_files fails on 7.1.8 in S3
builds |
| CDPD-47602 |
Backport PHOENIX-6638 to 7.1.8 CHF4 |
| CDPD-47600 |
Backport to CHF 4: Restart of HIVE_ON_TEZ causes a Knox topology
redeploy |
| CDPD-47590 |
Backport "FSCK Report broken with RequestHedgingProxyProvider" to
CDH-7.1.8.x |
| CDPD-47460 |
IMPALA-11631 Impala crashes in
impala::TopNNode::Heap::Close() |
| CDPD-47457 |
NFS Gateway may release buffer too early |
| CDPD-47409 |
Unit tests in TestAuthFilterAuthOozieClient fail
intermittently |
| CDPD-47407 |
Backport HADOOP-18499 S3A to support HTTPS web proxies to
7.1.8.x |
| CDPD-47405 |
Backport KNOX-2824 (Make SameSite attribute on KnoxSSO Cookie
Configurable) to 7.1.8 |
| CDPD-47395 |
Atlas - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 for
7.1.8 CHF4 due to high CVEs |
| CDPD-47378 |
Backport Hue PR 3107 |
| CDPD-47362 |
IMPALA-11779 Codegen crash due to null slots |
| CDPD-47355 |
CPX - use external versions for wiremock-jre8 |
| CDPD-47354 |
Backport PHOENIX-6711 to 7.1.8 CHF4 |
| CDPD-47337 |
backport CDPD-46689 to 7.1.8.x |
| CDPD-47335 |
backport CDPD-26518 to 7.1.8.x |
| CDPD-47320 |
testLoadOnRestart unit test failed on 7.1.8 CHF 3 |
| CDPD-47317 |
COLSTATUS Null Pointer Exception for implicit
collections |
| CDPD-47273 |
backport PATCH-5596 IMPALA-10654 to 7.1.8.x |
| CDPD-47270 |
backport PATCH-5596 IMPALA-10948 to 7.1.8.x |
| CDPD-47262 |
Remove apache commons-text replacement from
components.ini |
| CDPD-47251 |
testRetryConsoleUrlForked unit test fails with NPE |
| CDPD-47246 |
Enable Gerrit build/test for ratis-thirdparty |
| CDPD-47245 |
Add reload4j dependency to Distcp share lib |
| CDPD-47196 |
Smile unit tests are failing in Solr 7.1.8.x |
| CDPD-47137 |
Backport part of HBASE-27141 from upstream to 7.1.7
SP2 |
| CDPD-47134 |
Kafka Connect unit test job fails frequently due to docker image
build problems |
| CDPD-47129 |
Handle empty CSV fields via OpenCSVSerde |
| CDPD-47105 |
IMPALA-11751 Crash in processing partition columns of Avro table
with MT_DOP>1 |
| CDPD-47074 |
Set column names in result schema when plan has Values
root |
| CDPD-47030 |
Impala-shell ldap_password_cmd fails on Python 3.8 |
| CDPD-46984 |
Hbase replication Policy set up fails between 7.1.8 and 7.2.16
cluster |
| CDPD-46969 |
backport IMPALA-11274 to 7.1.8 CHF4 |
| CDPD-46890 |
HBase-thirdparty - Upgrade Jetty: Java based HTTP/1.x, HTTP/2,
Servlet, WebSocket Server to 9.4.48.v20220622/11.0.11 due to critical
CVEs |
| CDPD-46794 |
Connection pool for ObjectStore does not emit
metrics |
| CDPD-46789 |
Policy update request fails if isDenyAllElse flag is set true in
request json when using "/policy/apply" API |
| CDPD-46774 |
Enable batch mode for the Spark Atlas connector unit tests, do
not use the Apache maven repo |
| CDPD-46747 |
Upgrade saxon to 10.8 |
| CDPD-46669 |
Zeppelin - Upgrade commons-codec to 1.13 or higher |
| CDPD-46665 |
Livy - Upgrade commons-codec to 1.13 or higher |
| CDPD-46664 |
Hive - Upgrade commons-codec to 1.13 or higher |
| CDPD-46658 |
Solr - Upgrade wildfly-openssl to 1.1.3.Final/1.1.3.Final+ due to
CVE-2020-25644 |
| CDPD-46657 |
Hadoop - Upgrade wildfly-openssl to 1.1.3.Final/1.1.3.Final+ due
to CVE-2020-25644 |
| CDPD-46626 |
Test failure:
TestContainerRunnerImpl.testSubmitSameFragment |
| CDPD-46568 |
Hive - Upgrade Apache Ivy to 2.5.1 due to CVE-2022-37865,
CVE-2022-37866 |
| CDPD-46564 |
Hue - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due to
CVE-2022-3171 |
| CDPD-46560 |
Knox - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due
to CVE-2022-3171 |
| CDPD-46552 |
Hbase-thirdparty - Upgrade protobuf-java to 3.21.9 due to
CVE-2022-3171 |
| CDPD-46549 |
CDPD - Upgrade protobuf-java to 3.16.3/3.19.6/3.20.3/3.21.7 due
to CVE-2022-3171 |
| CDPD-46322 |
Update logredactor to 2.0.14 due to CVEs in
jackson-databind |
| CDPD-46198 |
Search - Upgrade jsoup to 1.15.3 due to high CVEs |
| CDPD-46161 |
[ranger][replication] cm_hdfs service wasn't transformed
properly |
| CDPD-46160 |
[ranger][replication] Export should fail for non-existing
services |
| CDPD-45966 |
Sqoop - Upgrade hsqldb to 2.7.1 due to
CVE-2022-41853 |
| CDPD-45964 |
Oozie - Upgrade hsqldb to 2.7.1 due to
CVE-2022-41853 |
| CDPD-45959 |
Some tests fail with ssl3_get_server_certificate:certificate
verify failed |
| CDPD-45687 |
Hue Server ignore ssl_cipher_list configuration |
| CDPD-45578 |
CDPD - Upgrade jettison to 1.5.1 due to CVE-2022-40149,
CVE-2022-40150 |
| CDPD-45576 |
Atlas - Upgrade jettison to 1.5.1 due to CVE-2022-40149,
CVE-2022-40150 |
| CDPD-45539 |
Upgrade hsqldb to 2.7.1 due to CVE-2022-41853 |
| CDPD-45498 |
Add missing changes of CDPD-23445 patches |
| CDPD-45448 |
Use Calcite to remove sections of a query plan known never
produces rows |
| CDPD-45385 |
DAS - Upgrade snakeyaml to 1.32 due to high CVEs |
| CDPD-45302 |
spark_atlas_connector_for_spark3_unittests
failures |
| CDPD-44719 |
Spark Atlas Connector - Update log4j to reload4j |
| CDPD-43856 |
Zeppelin - Upgrade postgresql JDBC Driver to 42.5.1 due to
CVE-2022-31197 |
| CDPD-43540 |
Hive Security - Upgrade jersey's jersey to 2.36/3.0.5 due to
medium CVEs |
| CDPD-43354 |
Zeppelin - Remove vulnerable Apache Xalan Java library
(CVE-2022-34169) |
| CDPD-42699 |
Livy - Update log4j to reload4j |
| CDPD-42599 |
Spark - Update log4j1 to reload4j |
| CDPD-42572 |
Zeppelin - Cherry-pick ZEPPELIN-4489 due to
CVE-2020-13929 |
| CDPD-42499 |
Zeppelin - Upgrade HtmlUnit to 2.62.0 due to high
CVEs |
| CDPD-42447 |
Phoenix - Upgrade ICU4J to safe version due to high
CVEs |
| CDPD-42428 |
Zeppelin - Upgrade jsoup to 1.15.3 due to high
CVEs |
| CDPD-42384 |
Spark Atlas Connector - Upgrade Data Mapper for Jackson to
1.9.16-TALEND due to high CVEs |
| CDPD-42290 |
Zeppelin - Upgrade JDOM to 2.0.6.1 due to high
CVEs |
| CDPD-42285 |
Avro - Upgrade JDOM to 2.0.6.1 due to high CVEs |
| CDPD-42217 |
Avatica - Upgrade Apache HttpClient to 4.5.13 due to medium
CVEs |
| CDPD-42153 |
Knox - Upgrade Protocol Buffer Java API to 2.6.1/3.21.2 due to
medium CVEs |
| CDPD-42138 |
Avatica - Upgrade Protocol Buffer Java API to 2.6.1/3.21.2 due to
medium CVEs |
| CDPD-42135 |
CDPD - Upgrade Netty Project to 4.1.78.Final due to critical
CVEs |
| CDPD-42115 |
HBase - Upgrade Netty Project to 4.1.78.Final due to critical
CVEs |
| CDPD-42029 |
Oozie - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to
high CVEs |
| CDPD-42014 |
Atlas - Upgrade jackson-databind to 2.12.7.1 or 2.13.4.2 due to
high CVEs |
| CDPD-41998 |
Phoenix-connectors - Upgrade Guava: Google Core Libraries for
Java to v28.2/31.1-jre due to low CVEs |
| CDPD-41997 |
Phoenix-thirdparty - Upgrade Guava: Google Core Libraries for
Java to v28.2/31.1-jre due to low CVEs |
| CDPD-41988 |
HBase-thirdparty - Upgrade Guava: Google Core Libraries for Java
to v28.2/31.1-jre due to low CVEs |
| CDPD-41981 |
Curator - Upgrade Guava: Google Core Libraries for Java to
v28.2/31.1-jre due to low CVEs |
| CDPD-41975 |
Avatica - Upgrade Guava: Google Core Libraries for Java to
v28.2/31.1-jre due to medium CVEs |
| CDPD-41279 |
Sqoop - Upgrade protobuf-java to 3.16.1+ due to
CVE-2021-22569 |
| CDPD-41264 |
IMPALA-10316 load_nested.py failed due to out of memory during
Jenkins GVO |
| CDPD-40916 |
Zeppelin - Upgrade xercesImpl to 2.12.2 or later due to
CVE-2022-23437 |
| CDPD-40912 |
Kafka Connect - Upgrade wildfly-elytron to 1.15.5 / 1.16.1 due to
CVE-2021-3642 |
| CDPD-40849 |
Zeppelin - Upgrade gson to 2.9.0 due to
CVE-2022-25647 |
| CDPD-31728 |
Audits : For db create , there are 2 update audits instead of 1
create 1 update |
| CDPD-29098 |
Oozie - Replace log4j 1.x with reload4j |
| CDPD-29057 |
HBase - Replace log4j 1.x with reload4j |
| CDPD-27403 |
DAS - Upgrade hibernate-validator to 6.1.6.Final or later due to
CVE-2020-10693, CVE-2019-10219 |
| CDPD-25701 |
IMPALA-10683 TestHdfsParquetTableWriter.test_double_precision
broken on S3 |
| CDPD-19398 |
Zeppelin - Upgrade to jersey-media-jaxb 2.32 |
