Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

CDP minor upgrade to close vulnerability

avatar
author-rank HanzalaShaikh
Expert Contributor

Created ‎05-25-2023 11:19 AM

Hi Experts,

 

We are on 7.1.6 CDP version and exposed to CVE-2022-25168. 

 

Versions affected: 2.0.0 to 2.10.1, 3.0.0-alpha to 3.2.3, 3.3.0 to 3.3.2

 

To address this vulnerability, we are planning to upgrade to CDP 7.1.7 as I got this information from one of the posts in the cloudera community.

 

My question is does anyone did this upgrade before from 7.1.6 to 7.1.7 to eliminate this CVE. If yes, then how easy is it do we need to make changes in the code level also or we can do the upgrade from the GUI by just downloading, distributing and activating the new version.  

 

Please help with your suggestion and if possible, please share the documentation for this upgrade.

 

Thanks

 

1,137 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank HanzalaShaikh
Expert Contributor

Created ‎09-30-2023 09:10 AM

Since we are using CDW Cloudera data warehouse, upon doing some research I can say there no change required on code level as we are using hive on Tez and it is going to be a not a major upgrade as we do from CDH to CDP.

Hence accepting this as a solution to my query after thorough research.

View solution in original post

940 Views
0
2 REPLIES 2

avatar
author-rank HanzalaShaikh
Expert Contributor

Created ‎09-30-2023 09:10 AM

Since we are using CDW Cloudera data warehouse, upon doing some research I can say there no change required on code level as we are using hive on Tez and it is going to be a not a major upgrade as we do from CDH to CDP.

Hence accepting this as a solution to my query after thorough research.

941 Views
0

avatar
author-rank cjervis author-rank
Community Manager

Created ‎10-02-2023 06:02 AM

Thank you for posting your findings @HanzalaShaikh 


Cy Jervis, Manager, Community Program
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
930 Views
Announcements
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements