Fixed Issues in Zeppelin

Review the list of Zeppelin issues that are resolved in Cloudera Runtime 7.2.12.

Fixed issues

  • CDPD-29838: Zeppelin notebook creation failure due to Hadoop ClassCastException
  • CDPD-28834: Credentials file should get saved along with notebook-authorization.json and interpreter.json
  • CDPD-24981: Zeppelin notebook can not create table with jdbc phoenix interpreter
  • CDPD-23410: Zeppelin notebook_authorizations::test_only_owners_can_change_permissions test is failing
  • CDPD-22469: ZEPPELIN-5231: Livy Interpreter doesn't support Japanese Character - Encoding Issue
  • CDPD-17187: Zeppelin - Upgrade to Angular 1.8.0 due to CVEs
  • CDPD-20908: Remove log4j-slf4j-impl from JDBC/Hive interpreter
  • CDPD-19308: Zeppelin - Upgrade to slf4j 1.7.30
  • CDPD-19316: Zeppelin - Upgrade httpclient to 4.5.13+ / 5.0.3+ due to CVE-2020-13956
  • CDPD-20461: Zeppelin - Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649
  • CDPD-20267: Zeppelin build failure on cdpd-master
  • CDPD-17471: [ZEPPELIN-5116]Accessing zeppelin via knox after knox logout should be redirected to knox login page
  • CDPD-17933: Zeppelin - Upgrade spring framework to 4.3.29.RELEASE+ due to CVE-2020-5421
  • CDPD-19243: Upgrade to Shiro 1.7.0 due to CVE-2020-17510
  • CDPD-18170: Zeppelin - Upgrade or remove auto-value due to shaded guava CVEs
  • CDPD-15497: Harmonize joda-time to version 2.10.6(cdpd harmonized)
  • CDPD-17543: Zeppelin UI is not comping due to Corrupted notebooks
  • CDPD-16197: Upgrade api-*-1.0.0.jar due to CVEs
  • CDPD-16096: Zeppelin - upgrade google-oauth-client to 1.31.0
  • CDPD-17017: Upgrade xercesImpl to to 2.12.0 due to CVE-2018-2799
  • CDPD-16845: Upgrade to Shiro 1.6.0 (CVE-2020-13933)
  • CDPD-16111: Upgrade jsoup-1.7.2 (CVE-2015-6748)
  • CDPD-16104: Upgrade postgresql JDBC driver to 42.2.16
  • CDPD-14569: [ZEPPELIN-4414]. Upgrade thrift to 0.13
  • CDPD-13378: Bumup version of Java Native Access (JNA)
  • CDPD-16114 Upgrade jackrabbit-webdav 1.5.2 due to CVE-2015-1833
  • ZEP-97: [ZEPPELIN-3690] display all column with the same name in ui-grid
  • CDPD-16115: Upgrade jgit due to CVE-2016-5725
  • CDPD-14614: Update Spring Framework for Zeppelin (CVE-2018-1270)
  • CDPD-11599: Update Quartz Enterprise Job Scheduler for Zeppelin (CVE-2019-13990)
  • CDPD-14580: Upgrade Scala for CVEs
  • BUG-124121: Password hashing not working in Zeppelin
  • CDPD-15628: Compilation faliure on dex-box
  • CDPD-12920: Upgrade nimbus-jose-jwt to 7.9
  • CDPD-14990: Upgrade libpam4j to 1.11 (CVE-2017-12197)
  • CDPD-11426: Ensure consistent usage of jackson to 2.10.3
  • CDPD-14579: remove org.reflections (CVE-2020-10683)
  • CDPD-14581: Update Spring Framework for Zeppelin in 7.2.1.0 (CVE-2018-1275)
  • CDPD-14369: [ZEPPELIN-4736] The use of SslContextFactory is deprecated
  • CDPD-11406: Include NOTICE and LICENSE files in component directories
  • CDPD-11301: Remove jackson and jersey-bundle
  • CDPD-11780: Zeppelin: Remove spark (and other interpreters that are not shipped) source dependencies
  • CDPD-11348: Update log4j to address CVE-2019-17571
  • CDPD-11501: Update Apache Shiro for Zeppelin to 1.5.3
  • CDPD-11571: Zeppelin build failure on cdpd-master due to perfect-scrollbar
  • CDPD-10187: Zeppelin - Incorrect version of jackson-mapper-asl in CDP
  • CDPD-9119: Zeppelin - Upgrade to Guava 28.1 to avoid CVE-2018-1023
  • CDPD-9030: Upgrade jackson-databind to version 2.9.10.3 [CVE-2020-8840]
  • CDPD-9454: [ZEPPELIN-4697] Zeppelin scheduler pings terracotta.org
  • CDPD-8163: Remove `org.spark-project.hive` dependency
  • CDPD-7789: Zeppelin - Upgrade to Jetty 9.4.26 to avoid CVEs
  • CDPD-7479: add hadoop-cloud-storage jar in Zeppelin
  • CDPD-3600: Sync Zeppelin with community latest version (0.8.2)
  • CDPD-2933: [ZEPPELIN-4272] Zeppelin fails to use s3a configured for zeppelin.notebook.dir
  • CDPD-1683: KerberosRealm roles should match with local file system, if nothing is specified
  • CDPD-2300: Initialize proxyuser with proper configuration
  • CDPD-1491: Zeppelin should support doAs
  • BUG-120595: [ZEPPELIN-4197] Upgrade Jackson to 2.9.9
  • BUG-120606: [ZEPPELIN-4187] Bump up version of Scala from 2.11.8 to 2.11.12 (#3378)
  • BUG-120605: [ZEPPELIN-4186] Bump up version of org.jsoup:jsoup (#3377)
  • BUG-120596: [ZEPPELIN-4188] Upgrade Jetty to 9.4.18.v20190429
  • BUG-120594: ZEPPELIN-4193 Upgrade Bouncy Castle bcpkix-jdk15on to 1.60
  • BUG-120593: [ZEPPELIN-4185] Upgrade Thrift to 0.12.0 (#3376)
  • CDPD-1009: ZEPPELIN-4168: Use secure URLs for Maven repositories (#3370)
  • CDPD-717: [Zeppelin 3792] Zeppelin SPNEGO support
  • ZEP-79: Disable fs.file.impl cache to ensure RawLocalFS is used
  • BUG-109581: [ZEPPELIN-3741] Do not clear "Authorization" header if Z-server is running behind proxy
  • BUG-106906: Add shiro-tools-hasher in Zeppelin
  • BUG-106297: JDBC interpreter log file is missing in zeppelin log directory
  • BUG-102172: Include Google Connector in Zeppelin
  • BUG-98604: Correct tutorial link should be added in interpreter page
  • BUG-100845: Remove livy2.pyspark3 interpreter on zeppelin side
  • BUG-114354: Fixes to make s3 storage work
  • BUG-114354: Change Zeppelin to use unshaded jars
  • BUG-103954: Exclude other dependencies in STS shaded JDBC driver to prevent conflict
  • BUG-103715: fix handshake_failure download
  • CDPD-10288: Zeppelin Notebook Initialisation fails with CNF error in RAZ Enabled Cluster

Apache patch information

Apache patches in this release. These patches do not have an associated Cloudera bug ID.

  • ZEPPELIN-5231
  • ZEPPELIN-5116
  • ZEPPELIN-3741
  • ZEPPELIN-4168
  • ZEPPELIN-4185
  • ZEPPELIN-4193
  • ZEPPELIN-4188
  • ZEPPELIN-4186
  • ZEPPELIN-4187
  • ZEPPELIN-4197
  • ZEPPELIN-4272
  • ZEPPELIN-4697
  • ZEPPELIN-4736
  • ZEPPELIN-3690
  • ZEPPELIN-4414