Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-18198

Release Hadoop 3.3.3: hadoop-3.3.2 with some fixes

    XMLWordPrintableJSON

Details

    Description

      Hadoop 3.3.3 is a minor followup release to Hadoop 3.3.2 with all the incremental changes which went in to the 3.2.4 release

      • minor CVE fixes in Hadoop source
      • CVE fixes in dependencies we know of (protobuf unmarshalling leading to DoS, jackson stack overflow,...)
      • replacement of log4j 1.2.17 to reload4j
      • node.js update

      This is not a release off branch-3.3, it is a fork of 3.3.2 with the changes.

      The next release of branch-3.3 will be numbered hadoop-3.3.4; updating maven versions and JIRA fix versions is part of this release process.

      The changes here are already in branch 3.2.4; this completes the set

      CVEs fixed

      • CVE-2022-26612: Apache Hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows (HADOOP-18155)
      • CVE-2022-25168 Verify FileUtils.unTar() handling of missing .tar files. (HADOOP-18136)

      Attachments

        Issue Links

          contains

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18212 hadoop-client-runtime latest version 3.3.2 has security issues

          • Major - Major loss of function.
          • Resolved
          depends upon

          Bug - A problem which impairs or prevents the functions of the product. HDFS-16422 Fix thread safety of EC decoding during concurrent preads

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HDFS-16437 ReverseXML processor doesn't accept XML files without the SnapshotDiffSection.

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HDFS-16507 [SBN read] Avoid purging edit log which is in progress

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. YARN-10720 YARN WebAppProxyServlet should support connection timeout to prevent proxy server from hanging

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-17650 Fails to build using Maven 3.8.1

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-18109 Ensure that default permissions of directories under internal ViewFS directories are the same as directories on target filesystems

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-18160 `org.wildfly.openssl` should not be shaded by Hadoop build

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-18178 Upgrade jackson to 2.13.2 and jackson-databind to 2.13.2.2. CVE-2020-36518

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HDFS-16428 Source path with storagePolicy cause wrong typeConsumed while rename

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. YARN-11014 YARN incorrectly validates maximum capacity resources on the validation API

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. YARN-11075 Explicitly declare serialVersionUID in LogMutation class

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-17341 Upgrade commons-codec to 1.15

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HDFS-11041 Unable to unregister FsDatasetState MBean if DataNode is shutdown twice

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18088 Replace log4j 1.x with reload4j

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-16501 Print the exception when reporting a bad block

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. MAPREDUCE-7373 Building MapReduce NativeTask fails on Fedora 34+

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18214 Update BUILDING.txt

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-16355 Improve the description of dfs.block.scanner.volume.bytes.per.second

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18155 Refactor tests in TestFileUtil

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Resolved

          Task - A task that needs to be done. HADOOP-18125 Utility to identify git commit / Jira fixVersion discrepancies for RC preparation

          • Major - Major loss of function.
          • Resolved
          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-18202 create-release fails fatal: unsafe repository ('/build/source' is owned by someone else)

          • Major - Major loss of function.
          • Resolved
          is related to

          Sub-task - The sub-task of the issue HADOOP-19064 [thirdparty] add -mvnargs option to create-release command line

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. HADOOP-18293 Release Hadoop 3.3.4 critical fix update

          • Major - Major loss of function.
          • Resolved

          Task - A task that needs to be done. HADOOP-18305 Release Hadoop 3.3.4: minor update of hadoop-3.3.3

          • Major - Major loss of function.
          • Resolved
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18290 Fix some compatibility issues with 3.3.3 release notes

          • Major - Major loss of function.
          • Open
          links to

          Web Link GitHub Pull Request #4164

          Web Link GitHub Pull Request #4202

          Web Link GitHub Pull Request #4239

          Activity

            People

              stevel@apache.org Steve Loughran
              stevel@apache.org Steve Loughran
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 2h 10m
                  2h 10m