Cloudera Docs

Regressions During an Upgrade

This document outlines the missing backports that have led to regressions during an upgrade or fresh installation. The following sections detail the comprehensive list of fixes and improvements that were implemented in a previous release but are now missing in the upgraded Cloudera version. Furthermore, it also explains any behavioral changes for individual components that have been observed after the upgrade.

Upgrade regression in Cloudera Runtime 7.3.1.400 SP2

Summary: Removal of non-standard case() function syntax in Hive
The non-standard case() function syntax has been removed from Hive.
Previous behavior:
Hive previously allowed a non-standard SQL syntax for the CASE expression using a function-like call:
select case(...) from ....
New behavior:
The non-standard case() function has been removed. You must use the official SQL standard CASE expression syntax. The standard syntax remains supported:
  • Simple CASE: 
    SELECT CASE a WHEN b THEN c [WHEN d THEN e]* [ELSE f] END FROM ...
  • Searched CASE: 
    SELECT CASE WHEN a=b THEN c [WHEN a=d THEN e]* [ELSE f] END FROM ...

Apache Jira: HIVE-28792

Summary: Security-related HTTP headers and HSTS enforcement in Streams Replication Manager
Previous behavior:
Streams Replication Manager included the following security headers in API responses and enforced HTTP Strict Transport Security (HSTS) when SSL was enabled:

  • Strict-Transport-Security: max-age=31536000; includeSubDomains - Enforces HTTPS communication for all requests, including subdomains, for a duration of one year. This header is only added when SSL is enabled.

  • X-Frame-Options: SAMEORIGIN - Prevents clickjacking attacks by disallowing the page from being embedded in elements on other domains.

  • X-XSS-Protection: 1; mode=block - Enables the XSS filter of the browser and blocks the page if an attack is detected.

  • Content-Type: application/json - Ensures proper MIME type handling for responses.

  • Cache-Control - Controls caching behavior.
    • Configured for API endpoints as no-store.
    • Configured for Swagger UI endpoints as max-age=7200.

  • X-Content-Type-Options: nosniff - Prevents MIME type sniffing.

  • Content-Security-Policy - Implements strict policies to control the sources of content that can be loaded.
    • Configured for API endpoints as default-src 'none';.
    • Configured for Swagger UI endpoints as default-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:; style-src-attr 'self' 'unsafe-hashes'; style-src 'self' unsafe-inline'.
New behavior:
The headers are no longer included. Additionally, HTTP Strict Transport Security (HSTS) is not enforced when SSL is enabled.
Summary: Update to transient_lastDdlTime table property behavior for Iceberg tables
Previous behavior:
Running the ALTER TABLE Impala statement on an Iceberg table automatically updated the transient_lastDdlTime table property.
New behavior:
The ALTER TABLE statement no longer updates the transient_lastDdlTime table property.

Iceberg does not persist the table name within its metadata files. Consequently, operations like renaming a table only modify the catalog entry, while the metadata (table state) stored in the file system remains unchanged.

Apache Jira: IMPALA-11672

Summary: Changes to ALTER TABLE SET PARTITION SPEC field ID distribution
Previous behavior:
The partition specification update mechanism was modified to utilize an updated Iceberg API that preserves existing partition specifications by generating new field IDs for modified partitioning terms. The change addressed issues with field ID distribution. For V1 Iceberg tables, the method now correctly adds the VOID partition transform for fields removed during updates. For V2 tables, updated fields are reused, but their order remains consistent with when they were first introduced in the specification.
New behavior:
Impala reuses existing partition field IDs when modifying partition transforms (for example, changing bucket counts or truncate widths) instead of assigning new partition field IDs for the transform.

Apache Jira: IMPALA-12605

Summary: Incosistent commons-lang3 versions in Avro dependencies
Previous behavior:
All components correctly inherited the centralized commons-lang3 version.
New behavior:
The centralized version was updated to 3.13, but the following components did not update and remain on divergent commons-lang3 versions:
  • Apache Avro Compiler
  • Apache Avro IPC
  • Apache Avro Mapred API
  • Apache Avro Maven Plugin
  • Apache Avro Thrift Compatibility