Cloudera Docs

Fixed Issues In Cloudera Runtime 7.2.16.3

You can review the list of reported issues and their fixes in Cloudera Runtime 7.2.16.3.

CDE

The following issue is resolved:

  • TSB 2024-650: Arbitrary file deletion vulnerability in Apache Zeppelin

CDH

The following issue is resolved:

  • HOTREQ-1347 Select query with LIMIT clause can fail if there are marker files like "_SUCCESS" and "_MANIFEST"
  • HOTREQ-1287 Wrong results for partitioned Parquet table when files contain partition column
  • HOTREQ-1330 add a way to reenable abfs readahead
  • HOTREQ-1334 S3 Copy Optimization
  • HOTREQ-1315 Upgrade node.js due to CVE-2022-35255, CVE-2022-43548 and CVE-2022-32212
  • HOTREQ-1344 Hot fix JIRA CDPD-47077 for Public Cloud 7.2.15
  • HOTREQ-1320 HOTFIX for Bug - Add delegation token support for long running spark job
  • HOTREQ-1369 Ranger S3 policy fails for read only or write only access
  • HOTREQ-1275 Hotfix for - IMPALA-11751
  • HOTREQ-1244 HOTFIX Request for CDPD-46957
  • HOTREQ-1274 HOTFIX REQ for issue HUE with KNOX unable to open workflow links in new tab with right click

CFM

  • HOTREQ-1376 Fix flow downloading via knox for LGIM
  • HOTREQ-1282 CFM - Parameter context inheritence fail during startup
  • HOTREQ-1372 CaptureChangeMySQL processor fixes
  • HOTREQ-1399 Ship NIFI-11363 to solve ENGESC-19490

CDPD-44232: Performance and security enhancements in Hue

Python 2 has reached the end of life and is no longer supported. Hue now uses Python 3 which makes use of critical bug fixes and Common Vulnerabilities and Exposures (CVE) fixes for many third-party software dependencies. The following changes have been made in the Hue codebase in this release of CDP Public Cloud:
  • Python libraries such as django-auth-ldap, django-axes, djangorestframework-simplejwt, Mako, Markdown, pyth on-ldap, django-babel, django-mako, django-cors-headers, djangorestframework, eventlet, sqlparse, and so on have been upgraded from Python 2.7 to Python 3.8.
  • The Django server has been upgraded from version 1.11.29 to 3.2.15.
  • Hue now uses Gunicorn as a front-end server. Previously, Hue used the CherryPy server.
These upgrades bring significant performance improvement and stability in query execution, uploading, and importing files to S3 or ABFS. Operating System, Python version, and Python module upgrades have resulted in a stable environment and fixed more than 800 security vulnerabilities.

Known issue: CDPD-54714

This is due to a missing configuration in Cloudera Manager. When Hue is enabled with Knox as authentication backend and Hue also in HA mode, all Hue instance's hostname should be added in knox_proxyhosts. This issue is known since Hue is still built with Python 2. This is not the issue related to recent Hue Python 3 build change.
Follow the procedure available in the Integrate Hue with Knox documentation.