Document dropping support for certain CDH and HDP versions in an upcoming release

Description

Versions:

all versions older than CDH 5.4.11 and HDP 2.5.0.0

Please refer to for more info.

Release Notes

None

Linked issues

relates to

CDAP-8141

Drop support for CDH 5.1, 5.2, 5.3 and HDP 2.0, 2.1

Activity

Show:

Chris Gianelloni February 21, 2017 at 4:09 PM

, if you look at the comments in you will notice that all versions of HDP prior to 2.5 are vulnerable to a remotely executable namenode vulnerability, which allows an attacker to run arbitrary code as the namenode (hdfs) user, bypassing all HDFS-based security. Also, since the hdfs user is normally in the hadoop group, it gets special access to certain other on-disk locations on the individual node filesystems that should normally be protected.

John Jackson February 8, 2017 at 12:38 AM

PR https://github.com/caskdata/cdap/pull/7866

Peter Caldes January 20, 2017 at 10:06 PM

Description says "- all versions older than CDH 5.4.11 and HDP 2.5.0.0"
but description says the "CDH 5.1, 5.2, 5.3 and HDP 2.0, 2.1" are dropped.

Fixed

Pinned fields

Click on the next to a field label to start pinning.

Details

Assignee

John Jackson

Reporter

Poorna Chandra

Labels

Components

Fix versions

4.1.0

Priority

Major

Created January 19, 2017 at 10:52 PM

Updated February 21, 2017 at 4:09 PM

Resolved February 21, 2017 at 3:47 PM

Configure