Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

CVE-2018-11760: Apache Spark local privilege escalation vulnerability

ratheeshnkumar
New Contributor

Created ‎02-04-2019 09:49 AM

Hi All,

I have noticed a vulnerability reported for spark in https://spark.apache.org/security.html.

My organization is using HDP-2.6.5 which has the Spark version 2.2.x. How can I upgrade it to Spark-2.2.3 which is the mitigated version as per the doc.

Thanks,

Ratheesh

652 Views
0 Kudos
1 REPLY 1

gsthina
Contributor

Created ‎03-23-2020 06:50 AM

Hi, 

 

Based on the documentation [1], we notice that the HDP -2.6.5 already has Apache Spark 2.3.2 in it. 

We recommend upgrading HDP stack so that you can get an appropriate version of spark which comes with stack instead of manually installing spark.

 

[1] https://docs.cloudera.com/HDPDocuments/HDPforCloud/HDPforCloud-2.6.5/hdp-release-notes/content/hdp_c...

507 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Community Announcements
March 2023 Community Highlights
What's New @ Cloudera
Cloudera DataFlow Designer for self-service data flow development is now generally available to all CDP Public Cloud customers
What's New @ Cloudera
Cloudera Operational Database (COD) UI provides the JWT configuration details to connect to your HBase client
What's New @ Cloudera
Cloudera Operational Database (COD) UI allows storage type selection when creating an operational database
What's New @ Cloudera
Release of Cloudera Streaming Analytics (CSA) 1.9.0 for CDP 7.1.7 SP2 & CDP 7.1.8
View More Announcements