Fixed Issues in Cloudera Runtime 7.2.17.700
You can review the list of reported issues and their fixes in Cloudera Runtime 7.2.17.700. This service pack was released on 18 Sep, 2024
- CDPD-73217: Backport 'add security-related HTTP headers'
- Security-related HTTP headers are added to the Kudu embedded webserver to comply with security scanner requirements.
- CDPD-72522: IMPALA-12582 Executors crashed while generating the runtime filters
- The Impala executors stopped responding while generating the runtime filters. This issue is now resolved.
- CDPD-72008: SMM UI - Upgrade node.js to 22.4.1/20.15.1/18.20.4 due to multiple CVEs
- Upgraded the Node.js version in the Streams Messaging Manager UI to 22.4.1 due to CVE-2024-27980, CVE-2024-22020, CVE-2024-36137, CVE-2024-22018 and CVE-2024-37372.
- CDPD-71931: Ranger - Upgrade Commons-Compress to 1.26.0 due to CVE-2024-25710 and CVE-2024-26308
- Upgraded the Commons-Compress version to 1.26.0 due to CVE-2024-25710 and CVE-2024-26308.
- CDPD-71580: workaround needed for bootbox due to CVE-2023-46998
- The Bootbox.js library was outdated. It is now removed and a new library Bootprompt is now used.
- CDPD-71361: [7.2.17.700] Temporarily disable the tasks tab on Entity Detail page
-
Previously, the Entity Detail page displayed the Something went wrong error message. This occured because, on loading the Entity Detail page, an API call (/api/atlas/admin/tasks) was made to get all the tasks created when deferred actions features are enabled.
This issue is now resolved and in the Entity Detail page, the API of the Tasks tab now displays information depending on the server side property
atlas.tasks.ui.tab.enabled. This property was set to falsepreviously. So temporarily the Tasks tab on Entity Detail page in the UI is disabled. - CDPD-70950: ORC - Upgrade Aircompressor to 0.27 due to CVE-2024-36114
- Upgraded the Aircompressor version to 0.27 due to CVE-2024-36114.
- CDPD-67834: Hive - Upgraded Nimbus-JOSE-JWT to 9.37.3 due to CVE-2023-52428
- Upgraded the Nimbus-JOSE-JWT version to 9.37.3 due to CVE-2023-52428.
- CDPD-67711: We are unable to access AFBS folder in Hue
- Previously, the URL parameters were encoded only for small set of
use-cases. But the parameters must be encoded always to cover all use-cases. This issue is
now resolved and the
the _make_urlmethod of HttpClient class is overrid and itsUrlEncodemethod is changed to use thequote()method instead of the defaultquote_plus(). This also fixed the scenarios of whitespaces present in the path that regressed after the above change. - CDPD-67224, CDPD-67222: Ozone - Upgrade Spring Framework to 6.1.6/6.0.19/5.3.34 due to CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262
- Upgraded the Spring Framework version to 5.3.34 due to CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262.
- CDPD-62164: Ranger backup should support different buckets
- Ranger backup previously supported only one bucket. It now supports multiple buckets
- CDPD-31172: Hive: Intermittent ConcurrentModificationException in HiveServer2 during mondrian testset
- Fixed an exception by using ConcurrentHashMap instead of HashMap to avoid the race condition between threads occurring because of concurrent modification of PerfLogger endTimes/startTimes maps.
