I found this new CVE for Hadoop (CVE-2020-9492).The solution is to upgrade to Hadoop 2.10.1 but HDP 2.6.5 (with Apache Hadoop version 2.6.7) is the latest version of Apache Hadoop 2.
Could be possible to fix any CVE into HDP 2.6.5.
Thanks in advance.
I dont see any fix for your version. However, you can use the below workaround:
View solution in original post
Thanks for the asnwer regarding this security issue.
Generally speaking, does Cloudera could include future fixes in an old version ?
Yes, if the version is supported. But as per https://www.cloudera.com/legal/policies/support-lifecycle-policy.html the support is already ended for HDP 2.6.5.
So, I would recommend upgrading the cluster to CDP for the latest features and security fixes.