HBase 1.4.14.125 - 2405 (EEP 8.1.2) Release Notes

The notes below relate to the HPE Ezmeral Data Fabric distribution of HBase.

These release notes contain only HPE-specific information and are not necessarily cumulative in nature. You may also be interested in the Ecosystem Component Release Notes and the Apache HBase homepage.

Version 1.4.14.125
Release Date May 2024
Version Interoperability See Interoperability Matrix, Ecosystem Support Matrix, and HBase Support Matrix.
Source on GitHub https://github.com/mapr/hbase
GitHub Release Tag 1.4.14.125-eep-812
Maven Artifacts https://repository.mapr.com/maven/
Package Names Navigate to https://package.ezmeral.hpe.com/releases/MEP/ and select your EEP (MEP) and OS to view the list of package names.

New in this Release

HBase 1.4.14.125 - 2405 introduces the following enhancements or HPE platform-specific behavior changes:
  • CVEs fixes.
  • Bug fixes.

Fixes

This HPE release includes the following fixes on the base Apache release. For details, refer to the commit log for this project in GitHub:

GitHub Commit Number Date (YYYY-MM-DD) HPE Fix Number and Description
d754bcd5d 2024-04-12 EEP-HBASE-387: Upgrade Jetty to 9.4.54.v20240208
dda13ea80 2024-04-12 EEP-HBASE-386: Keep only v1.26.1 for common compress
bda61108a 2024-04-12 EEP-HBASE-303: HBase warden.*.conf is not created after configure.sh
180c3da8d 2024-03-25 EEP-HBASE-383: BufferedMutator performance issue: one RPC per operation
fa19b16bf 2024-03-04 EEP-HBASE-382: CVE-2017-17790
824da8389 2024-03-04 EEP-HBASE-378: CVE-2023-1436 reported in Hbase
b8b2fb715 2024-03-01 EEP-HBASE-370: Upgrade Avro to 1.11.3
c9806e7a9 2024-03-01 EEP-HBASE-372: Permission denied to execute command in the hbase shell as another user
c4be4707b 2024-03-01 EEP-HBASE-358: Update Guava to 32.1.3 to address CVE-2023-2976
a3a69d4da 2024-03-01 EEP-HBASE-377: netty-codec reported for hbase
c4651e692 2024-03-01 EEP-HBASE-376: Address CVE-2014-125087 vulnerability in HBASE
4e1dcb700 2024-03-01 EEP-HBASE-374: Customer is reporting the CVE-2023-46589 for hbase package
9de13c785 2024-03-01 EEP-HBASE-369: Upgrade Jetty to 9.4.53.v20231009
761a7f5e5 2023-07-17 EEP-HBASE-357: Can not start hbase-shell on SLES cluster
ede5f5139 2023-06-14 EEP-HBASE-356: hbase non interactive shell throw ERROR NoMethodError: undefined method 'conf' for IRB:Module
6ce847f2e 2023-06-13 EEP-HBASE-347: Security: Vulnerable version of libthrift 0.13.0, bundled as part of the MEP 9.1.1 HBase.
41b1b0214 2023-06-13 EEP-HBASE-342: Security:: vulnerable version of jackson-databind bundled as part of the HBase~
9ead1dc9a 2023-06-12 EEP-HBASE-344: Security: Vulnerable version of jersey-json 1.20 bundled as part of the MEP 9.1.1 HBase
9488ee2cf 2023-06-12 EEP-HBASE-352: Security:: Vulnerable version of jquery bundled as part of the MEP 9.1.1 HBase
57468b2e8 2023-06-12 EEP-HBASE-337: Security: Vulnerable version of json-smart 2.4.7 bundled /opt/mapr/hbase/hbase-1.4.14/lib/json-smart-2.4.7.jar
de72b1c1a 2023-06-07 EEP-HBASE-354: Address CVE-2022-1471 for hbase
2a77519fe 2023-06-07 HBASE-27585 Bump up jruby to 9.3.9.0 and related joni and jcodings to 2.1.43 and 1.0.57 respectively (#4992)
2b444cc78 2023-06-07 HBASE-26983 Upgrade JRuby to 9.3.4.0 (#4378)
9b652b50b 2023-06-07 HBASE-20598 Upgrade to JRuby 9.2
772b0c3f5 2023-06-07 EEP-HBASE-345: Security:: Vulnerable version of jcip-annotations 1.0-1 bundled as part of the MEP 9.1.1 HBase
060c9bc70 2023-06-07 EEP-HBASE-353: Security:: Vulnerable version of kotlin bundled as part of the MEP 9.1.1 HBase
59544c128 2023-06-06 EEP-HBASE-350: Security:: Vulnerable version of findbugs-annotations bundled as part of the MEP 9.1.1 HBase
93e97bab5 2023-06-06 EEP-HBASE-351: Security:: Vulnerable version of jaxb-api bundled as part of the MEP 9.1.1 HBase

For complete details, refer to the commit log for this project in GitHub.

Known Issues and Limitations

None.

Resolved Issues

None.