Recently, the big data platform built with hdp126.96.36.199 + ambari 2.7.4 system vulnerability has found some vulnerabilities in the security scan again. The vulnerabilities are as follows: 1、Apache HTTP Server mod_ Mime buffer overflow vulnerability (cve-2017-7679) 2、Apache HTTP Server ap_ get_ basic_ auth_ PW authentication bypass vulnerability (cve-2017-3167) 3、Apache HTTP Server mod_ SSL null pointer indirect reference vulnerability (cve-2017-3169) 4、Apache HTTP server remote security restriction bypass vulnerability (cve-2018-1312) 5、Apache HTTP server memory corruption vulnerability (cve-2017-9788) 6、Apache httpd security vulnerability (cve-2017-15715) 7、Apache HTTP server security vulnerability (cve-2018-17199) 8、Apache httpd information disclosure vulnerability (cve-2017-9798) 9、Apache HTTP server denial of Service Vulnerability (cve-2018-1303) 10、Apache HTTP Server mod_ authnz_ LDAP denial of Service Vulnerability (cve-2017-15710) 11、Apache zookeeper security restriction bypass vulnerability (cve-2018-8012) I'd like to ask you how to solve these vulnerabilities. It's said on the Internet that the vulnerability of zookeeper needs to be upgraded to 3.4.10 or higher, but now the latest version of zookeeper in hdp3.1.5 is 3.4.6. How can I deal with these problems? Can I upgrade a component in HDP alone, such as only upgrading zookepper? How to deal with other loopholes?
... View more