Fixed Issues in Apache Impala

Review the list of Impala issues that are resolved in Cloudera Runtime 7.2.17.

CDPD-54464: IMPALA-12043 Large catalog info triggers "TTransportException: MaxMessageSize reached"

Fix "TTransportException: MaxMessageSize reached" during large catalog info reading.

CDPD-50862: Extend usage of fire_listener_event API to HS2/Spark to generate events on DML queries

The data written from Spark will now generate an "Insert" event in the HMS notification log table. This is useful for external services (listeners) like Impala to know the current condition of an external table.

CDPD-50186: IMPALA-11966 Enable cache_ozone_file_handles by default

Enables cache_ozone_file_handles by default to improve scan performance with Ozone.

CDPD-50180: IMPALA-11920 Spill to HDFS/Ozone can't address by service name

Specifying an HDFS or Ozone path for spilling to external storage can now use a service name, such as ofs://ozone1/myvolume/spilldir/.

CDPD-49648: Upgrade chart.js to 2.9.4+ due to CVE-2020-7746

Upgrades chart.js in Impala UI to address CVE-2020-7746.

CDPD-49100: Impala - Upgrade Kryo to 5.0.2+ due to BDSA-2016-1151(DoS, memory corruption, and RCE attacks)

Kryo is not used by Impala at runtime. It is excluded from the Impala Java build to avoid CVE concern.

CDPD-49015: IMPALA-11859 Metric tracking encrypted bytes read

Adds BytesReadEncrypted to query profiles and the metric impala-server.io-mgr.encrypted-bytes-read to observe reads of encrypted data from HDFS/Ozone.

CDPD-48780: impala-shell now requires setuptools be manually added

Fixes a regression in CHF3 where impala-shell under Python 2 required installing setuptools.

CDPD-48721: Impala - Upgrade Jquery Datatables to the latest version to avoid Security issues

Updates Jquery Datatables in the Impala UI to address CVE-2020-28458 and CVE-2021-23445.

CDPD-47643: Impala SHOW statement to display EC files and policies

Impala's SHOW FILES, SHOW PARTITIONS, SHOW TABLE STATS, and DESCRIBE EXTENDED now display the erasure code policy for files/tables in filesystems that support erasure coding.

CDPD-47640: Impala erasure coding support

Impala now supports interacting with erasure-coded files in HDFS.

CDPD-47206: IMPALA-11730 Add support for spilling to Ozone

Impala can now be configured to spill to Ozone, for example with scratch_dirs="/tmp/scratch,ofs://ozone-scm:9862/tmp".

CDPD-47205: IMPALA-11736 LOAD DATA statement with Ozone data can not load data from different bucket

Impala now correctly handles loading data from a different Ozone bucket.

CDPD-47030: Impala-shell ldap_password_cmd fails on Python 3.8

Fixes impala-shell --ldap_password_cmd with Python 3.

CDPD-46986: Backport CDPD-45163 to CDH-7.2.16.1 branch

Implement Iceberg manifest caching config for Impala

CDPD-46985: Backport Iceberg manifest caching to CDH-7.2.16.1

Add Iceberg manifest caching feature for Impala.

CDPD-46368: Impala remote Ozone scans slow even after data cache warmup

Improves scan performance with Ozone when using a data cache.

CDPD-45886: IMPALA-11670 Upgrade components for CVEs, make it easier to override versions

Upgrades components guava and jackson-databind to address CVE-2020-8908, CVE-2022-42003, and CVE-2022-42004.

CDPD-45661: Support erasure-coding in impala

Reading erasure-coded files from Ozone is now supported with Impala.

CDPD-44372: Impala - Upgrade Spring Framework to 5.3.20 due to multiple CVEs

Impala upgrade the Spring framework to 5.3.20 to address multiple CVEs: - CVE-2022-22971 - CVE-2022-22968 - CVE-2022-22970

CDPD-43746: Support for Ozone erasure coded data

Impala now supports interacting with erasure-coded files in Ozone.

CDPD-24718: Application is Vulnerable to CSRF attack - Impala CatalogServer, StateStore

Adds Cross-Site Request Forgery (CSRF) prevention in Impala UIs. Changing log levels now requires a POST request from the UI or with the 'X-Requested-By' custom header.

CDPD-8130: Add HTTP Strict Transport Security (HSTS) for Impala

Adds HTTP Strict Transport Security (HSTS) to Impala UI responses when HTTPS is enabled.