HBase 1.4.13.200 - 2201 (EEP 8.1.0) Release Notes
The notes below relate to the HPE Ezmeral Data Fabric distribution of HBase.
These release notes contain only HPE-specific information and are not necessarily cumulative in nature. You may also be interested in the Ecosystem Component Release Notes and the Apache HBase homepage.
| Version | 1.4.13.200 |
| Release Date | January 2022 |
| Version Interoperability | See Interoperability Matrix, Ecosystem Support Matrix, and HBase Support Matrix. |
| Source on GitHub | https://github.com/mapr/hbase |
| GitHub Release Tag | 1.4.13.200-eep-810 |
| Maven Artifacts | https://repository.mapr.com/maven/ |
| Package Names | Navigate to https://package.ezmeral.hpe.com/releases/MEP/ and select your EEP (MEP) and OS to view the list of package names. |
New in this Release
HBase 1.4.13.200 - 2201 introduces the following enhancemtns or HPE platform-specific
behavior changes:
- Federal Information Processing Standards (FIPS) support
- CVE fixes
- Bug fixes
Fixes
This HPE release includes the following fixes on the base Apache release. For details, refer to the commit log for this project in GitHub:
| GitHub Commit Number | Date (YYYY-MM-DD) | HPE Fix Number and Description |
| 12c2a75dff9 | 2022-02-09 | EEP-HBASE-280: FIPS mode check needs to be done over ssl-client instead of Zookeeper |
| af61cf17008 | 2022-01-25 | EEP-HBASE-275: Upgrade Log4J version to '1.3.1-mapr' |
| ddba4184c7 | 2022-01-13 | EEP-HBASE-274: HBase REST authentication doesn't work for /jmx and /conf |
| 45e13fbfe7 | 2022-01-05 | EEP-HBASE-271: Update log4j v2 to the latest available (to 2.17+) |
| f33379b62c | 2021-12-20 | EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571 -- Upgrading to 1.3.0-mapr |
| 04229b0d9b | 2021-12-14 | EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571 |
| 8ce02cfa42 | 2021-12-14 | EEP-HBASE-269: CVE-2021-44228 - Log4j vulnerability in HBase |
| 65769ae7c3 | 2021-11-25 | EEP-HBASE-268: Upgrade Jetty to 9.4.44.v20210927 to sync with Hadoop |
| c98b48fd3c | 2021-11-25 | EEP-HBASE-264: Nimbus-jose-jwt Vulnerabilities: CVE-2019-17195, CVE-2017-12974 and CVE-2017-12972 |
| f4c5bc5e5b | 2021-11-24 | EEP-HBASE-267: Update Spark version to 3.2.0.0-eep-SNAPSHOT |
| 44c6284197 | 2021-11-23 | EEP-HBASE-266: Exclude bcprov-jdk15on from HBase dependencies |
| cbee9488cf | 2021-11-18 | EEP-HBASE-260: Netty Vulnerabilities: WS-2020-0408, CVE-2021-37137 and CVE-2021-37136 |
| c030c1b1af | 2021-11-15 | EEP-HBASE-257: HBase mapreduce jobs failed on cluster with enabled FIPS |
| 51bc6be0cb | 2021-11-09 | EEP-HBASE-258: Update hadoop version to 2.7.6.200-eep-810-SNAPSHOT |
| 74a9e15252 | 2021-10-25 | MAPR-HBASE-252: [Hbase] CVE-2021-42340 Apache Tomcat DoS |
| 748a79f5ab | 2021-10-21 | MAPR-HBASE-254: Upgrade slf4j dependencies from 1.7.5 to 1.7.25 to sync with Hadoop |
| 21108dde8d | 2021-10-18 | MAPR-HBASE-251: HBase services can't start on cluster with enabled FIPS |
Known Issues and Limitations
This release contains the following known issues and limitations:
- For a FIPS-enabled configuration, mixed mode support is not available in this release. For example, a non-FIPS client node cannot communicate with a FIPS server node.