Fixed issues in Cloudera Runtime 7.1.9 SP2 CHF 1
Fixed issues for Cloudera Runtime 7.1.9 Service Pack (SP) 2 Cumulative Hotfix (CHF) 1 provide resolutions for identified bugs across the Runtime components.
The following were delivered for CDP Private Cloud Base version 7.1.9-1.cdh7.1.9.p20100.80071148:
- CDPD-99927: Impala processes crash with out-of-memory errors during many-to-many joins
- Previously, during certain many-to-many joins containing string
functions such as
UPPER(), the system allocated temporary memory continuously during the processing of a single row batch. This memory accumulation caused the Impala daemon process to crash with an out-of-memory error. - CDPD-102464: ZooKeeper configuration properties logged without redaction
- Previously, ZooKeeper configuration properties were recorded in plain text, potentially exposing sensitive data within the logs. This issue is now resolved by implementing a log redaction method to ensure that all sensitive values are appropriately masked during the logging process.
- CDPD-102463: Reverse DNS lookup in TLS client and server
- Previously, ZooKeeper performed reverse DNS lookups during TLS handshakes in both the client and server, which introduced a high security vulnerability.
The following Common Vulnerabilities and Exposures (CVEs) are fixed in this CHF:
| Common Vulnerabilities and Exposures | Description |
|---|---|
| CVE-2026-34477 | Apache Log4j |
| CVE-2026-34478 | Apache Log4j |
| CVE-2026-34479 | Apache Log4j |
| CVE-2026-34480 | Apache Log4j |
| CVE-2026-34481 | Apache Log4j |
