Fixed Issues in Apache Livy

Review the list of Livy issues that are resolved in Cloudera Runtime 7.1.9.

CDPD-55116: Fix Spark vulnerability CVE-2023-22946
This fix is blacklisting spark.submit.deployMode and spark.submit.proxyUser.allowCustomClasspathInClusterMode spark configurations in Livy create session REST API. A new Livy configuration livy.server.session.allow-custom-classpath property is added to allow custom class path. If you want to disable or rollback this fix, add livy.server.session.allow-custom-classpath as true in the Livy configuration using the Cloudera Manager safety valve.
CDPD-55423: remove verbose output on Livy UI error pages.
A new livy.server.send-server-version Livy configuration property is added. You can set to true to send the server version in Cloudera Manager. By default, the value is set to false.
CDPD-48614: Merge latest Apache Livy into CDP 7.1.9
Livy and Livy for Spark 3 have been updated to upstream version 0.7.2. Additionally, includes some CDP-specific patches and fixes. LDAP is not supported.
CDPD-45165: Livy HA in CDP PvC Base
Livy Server Active/passive High Availability is available.

Apache patch information

  • LIVY-974
  • LIVY-975