Cumulative hotfix CDP PvC Base 7.1.8 (Cumulative hotfix9)
Know more about the cumulative hotfix 9 for 7.1.8. This cumulative hotfix was released on June 1, 2023.
Following are the list of fixes that were shipped for CDP Private Cloud Base version 7.1.8-1.cdh7.1.8.p35.41426564
- KT-7467: Keytrustee - Upgrade Spring-boot to 2.11+ or 3.0.6+ due to CVE-2023-20873
- KT-7461: [7.1.8.x] - Upgrade org.json to 20230227+ due to CVE-2022-45688
- KT-7458: [CDH-7.1.8.x] - Upgrade commons-codec to 1.13+
- KT-7457: [CDH-7.1.8.x] - Upgrade commons-io to 2.7+ due to CVE-2021-29425
- COMPX-14340: YARN-11490 JMX QueueMetrics breaks after mutable config validation in CS
- COMPX-14147: YARN-11312 [UI2] Refresh buttons don't work after EmberJS upgrade
- CDPD-56581: Backport CDPD-46655 to hbase-filesystem CDH-7.1.8.x branch
- CDPD-56580: Backport CDPD-40352 to hbase-filesystem CDH-7.1.8.x branch
- CDPD-56384: Ranger - Upgrade Spring LDAP to 2.4.1 due to high CVEs
- CDPD-56383: Ranger - Upgrade BeanShell to 2.1b5 due to high CVEs
- CDPD-56381: Ranger - Upgrade Apache Derby due to critical CVEs
- CDPD-56334: Backport HADOOP-17270. Fix testCompressorDecompressorWithExeedBufferLimit to cover the intended scenario
- CDPD-56266: Backport CDPD-55922 to 7.1.8 CHF
- CDPD-56258: Backport CDPD-55116 to 7.1.8 CHF9
- CDPD-56228: Backport PARQUET-2258 to CDH-7.1.8.x
- CDPD-56213: Fix sql patch 65 syntax issue for oracle db
- CDPD-56183: Backport IMPALA-11435 to CDH-7.1.8 CHF9
- CDPD-56134: Reload4j migration error in ZooKeeper
- CDPD-56132: Atlas - Upgrade Spring Security to 5.7.8+/5.8.3+/6.0.3+ due to CVE-2023-20862
- CDPD-56017: Backport HDDS-8385. Ozone can't process snapshot when service UID > 2097151
- CDPD-56011: ServiceTagsProcessor fails to handle update of an existing Service-Resource
- CDPD-55994: Ranger Upgrade to 7.1.9 may fail
- CDPD-55978: [7.1.8 CHFx CLONE] - Wrong permission check for Hive "Alter View as" command in Ranger HiveAuthorizer
- CDPD-55780: SR mTLS unit test secondary cert is expired
- CDPD-55617: Atlas - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
- CDPD-55609: Schema Registry - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
- CDPD-55562: Include HOTFIX-5604 for HDDS-6991: Setting bucket owner may throw NPE
- CDPD-55561: Ranger - Upgrade bcpkix-jdk15on to 1.70+ due to CVE-2019-17359
- CDPD-55527: Backport HBASE-27619
- CDPD-55526: Backport HBASE-27484
- CDPD-55525: Backport CDPD-46655
- CDPD-55524: Backport HBASE-27368
- CDPD-55523: Backport HBASE-27265
- CDPD-55522: Backport HBASE-27204
- CDPD-55521: Backport HBASE-27017
- CDPD-55520: Backport HBASE-27061
- CDPD-50462: [7.1.8.x] - Ranger - Upgrade org.json to 20230227+ due to CVE-2022-45688
- CDPD-50450: Backport HIVE-27201: Inconsistency between session Hive and thread-local Hive may cause HS2 deadlock
- CDPD-48171: Spark - Upgrade snakeyaml due to CVE-2022-1471
- CDPD-45389: Calcite - Upgrade snakeyaml to 1.32 due to high CVEs
- CDPD-43470: CDPD - Upgrade aws-java-sdk to 1.12.261+ due to CVE-2022-31159
- CDPD-41590: IMPALA-11406 Incorrect duration logged in "Authorization check took n ms"
- CDPD-56005 Backport SPARK-26548 to Spark2
- CDPD-56007 Backport SPARK-26617 to Spark2