HBase 1.4.13.200 - 2201 (EEP 8.1.0) Release Notes

The notes below relate to the HPE Ezmeral Data Fabric distribution of HBase.

These release notes contain only HPE-specific information and are not necessarily cumulative in nature. You may also be interested in the Ecosystem Component Release Notes and the Apache HBase homepage.

Version 1.4.13.200
Release Date January 2022
Version Interoperability See Interoperability Matrix, Ecosystem Support Matrix, and HBase Support Matrix.
Source on GitHub https://github.com/mapr/hbase
GitHub Release Tag 1.4.13.200-eep-810
Maven Artifacts https://repository.mapr.com/maven/
Package Names Navigate to https://package.ezmeral.hpe.com/releases/MEP/ and select your EEP (MEP) and OS to view the list of package names.

New in this Release

HBase 1.4.13.200 - 2201 introduces the following enhancemtns or HPE platform-specific behavior changes:
  • Federal Information Processing Standards (FIPS) support
  • CVE fixes
  • Bug fixes

Fixes

This HPE release includes the following fixes on the base Apache release. For details, refer to the commit log for this project in GitHub:

GitHub Commit Number Date (YYYY-MM-DD) HPE Fix Number and Description
12c2a75dff9 2022-02-09 EEP-HBASE-280: FIPS mode check needs to be done over ssl-client instead of Zookeeper
af61cf17008 2022-01-25 EEP-HBASE-275: Upgrade Log4J version to '1.3.1-mapr'
ddba4184c7 2022-01-13 EEP-HBASE-274: HBase REST authentication doesn't work for /jmx and /conf
45e13fbfe7 2022-01-05 EEP-HBASE-271: Update log4j v2 to the latest available (to 2.17+)
f33379b62c 2021-12-20 EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571 -- Upgrading to 1.3.0-mapr
04229b0d9b 2021-12-14 EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571
8ce02cfa42 2021-12-14 EEP-HBASE-269: CVE-2021-44228 - Log4j vulnerability in HBase
65769ae7c3 2021-11-25 EEP-HBASE-268: Upgrade Jetty to 9.4.44.v20210927 to sync with Hadoop
c98b48fd3c 2021-11-25 EEP-HBASE-264: Nimbus-jose-jwt Vulnerabilities: CVE-2019-17195, CVE-2017-12974 and CVE-2017-12972
f4c5bc5e5b 2021-11-24 EEP-HBASE-267: Update Spark version to 3.2.0.0-eep-SNAPSHOT
44c6284197 2021-11-23 EEP-HBASE-266: Exclude bcprov-jdk15on from HBase dependencies
cbee9488cf 2021-11-18 EEP-HBASE-260: Netty Vulnerabilities: WS-2020-0408, CVE-2021-37137 and CVE-2021-37136
c030c1b1af 2021-11-15 EEP-HBASE-257: HBase mapreduce jobs failed on cluster with enabled FIPS
51bc6be0cb 2021-11-09 EEP-HBASE-258: Update hadoop version to 2.7.6.200-eep-810-SNAPSHOT
74a9e15252 2021-10-25 MAPR-HBASE-252: [Hbase] CVE-2021-42340 Apache Tomcat DoS
748a79f5ab 2021-10-21 MAPR-HBASE-254: Upgrade slf4j dependencies from 1.7.5 to 1.7.25 to sync with Hadoop
21108dde8d 2021-10-18 MAPR-HBASE-251: HBase services can't start on cluster with enabled FIPS

Known Issues and Limitations

This release contains the following known issues and limitations:
  • For a FIPS-enabled configuration, mixed mode support is not available in this release. For example, a non-FIPS client node cannot communicate with a FIPS server node.