Cloudera Runtime Release NotesPDF version

Fixed Issues in Cloudera Runtime 7.2.18.800

You can review the list of reported issues and their fixes in Cloudera Runtime 7.2.18.800.

CDPD-74892: Atlas can't consume simple Iceberg CREATE table statements from Cloudera Data Warehouse
The incompatibility issue is resolved by a fix on Apache Atlas server side with versions Cloudera Public Cloud 7.2.18 and 7.3.1. These versions now can handle Iceberg tables with older Iceberg models, as from Cloudera Data Warehouse hook side version 2024.0.18.2-4 the Cloudera Data Hub version is 7.2.17 (Hive, Impala, Spark).
CDPD-78193: CSV injection vulnerability during CSV and Excel file export
When policies are created with the special characters mentioned in the doc, there were vulnerabilities which can be exploited.

The issue is fixed now. Checks have been added to ensure whenever such characters are present, a space after it is added.

CDPD-77399: HBase fails to register the servlet metrics and throws ClassNotFoundException: org.apache.hadoop.metrics.MetricsServlet
This issue is fixed now. HBase does not warn about the Hadoop 2-based metric servlet class on a Hadoop 3 deployment.

Apache Jira:: HBASE-28315

CDPD-78069: Oozie action configuration's Java opts are not applied after CDPD-60551

Added the ability to configure a list of Hadoop properties that can be passed to the Oozie launcher configuration, if they are not already set in Oozie through oozie.launcher.<hadoop property key> or within its workflows.

The default properties in this list are: yarn.app.mapreduce.am.admin-command-opts and yarn.app.mapreduce.am.command-opts. These defaults can be overridden by setting a comma-separated list in the oozie.service.HadoopAccessorService.global.yarn.java-options-keys property. The oozie.LauncherConfigurationInjector.hadoop.search.properties is now deprecated.

CDPD-79144: Incorrect schema version in Hive schema initialization script for MySQL
Cluster creation with DataHub version 7.2.18.600 fails due to an incorrect database schema version (3.1.3000.7.2.18.0-Update1) in the CDH_VERSION table.
The issue was addressed by correcting the schema version in the Hive schema initialization script to 3.1.3000.7.2.18.0-Update2, ensuring successful cluster creation.
CDPD-79108: KerberosBasicAuthenticationHandler cannot handle colons in passwords
KerberosBasicAuthenticationHandler can now handle colons in passwords. This handler is used by Schema Registry and Streams Messaging Manager.
Fixed Common Vulnerabilities and Exposures

Common Vulnerabilities and Exposures (CVE) that are fixed in Runtime 7.2.18.800:

CVEsPackage Name
CVE-2024-55532Apache Ranger
CVE-2020-36518Jackson Databind
CVE-2021-46877Jackson Databind
CVE-2023-20859Spring Vault
CVE-2024-8391Vertx