Fixed issues in Atlas
This section lists the issues that have been fixed since the previous version. See also What's New in Apache Atlas.
- CDPD-11434: Lineage graph improvement and lib version updated
- In previous releases, very complicated lineage relations combined with classifications that propagate through the lineage relations could cause the Atlas UI to fail to render the lineage for an entity. This release improves how the Atlas UI manages updating large numbers of lineage relations with classifications.
- CDPD-10399: Upgrade jackson-databind to version 2.9.10.4 for Atlas
- Atlas now uses the Jackson
databind
library version 2.9.10.4. - CDPD-9805: CVE: Use correct version of jackson-databind for Impala
- The Atlas Impala bridge has been updated to specify the Jackson
databind
library in the same way that it is specified in the Hive bridge so that both applications use the same library version. - CDPD-8240: Atlas - Upgrade to Jetty 9.4.26 to avoid CVEs
- Atlas now uses Jetty 9.4.26, which addresses the following CVEs: CVE‑2017‑7656, CVE‑2017‑7657,CVE‑2017‑7658, CVE‑2018‑12536, CVE‑2017‑9735, CVE‑2019‑10247.
- CDPD-8017: Upgrade to Guava 28.1 to avoid CVE-2018-10237
- Atlas has been upgraded to use Guava version 28.1 to avoid CVE-2018-10237.
- CDPD-7851: Atlas UI security vulnerabilities
- Atlas includes security headers for all REST API endpoints.
- CDPD-6405: Stored XSS in Atlas
- This release includes a fix for a stored cross-site scripting (XSS) attack vulnerability in the Atlas UI.
- OPSAPS-51224: Atlas custom properties ignored in client services
- When adding a custom property for the
atlas-application.properties
in Atlas hook-based services such as Hive, HBase, and Impala, the custom property is not reflected in the actual configuration file that Cloudera Manager generates, causing these properties to be ignored.