HBase 1.4.13.50 - 2201 (EEP 7.1.2) Release Notes
The notes below relate to the HPE Ezmeral Data Fabric distribution of HBase.
These release notes contain only HPE-specific information and are not necessarily cumulative in nature. You may also be interested in the Ecosystem Component Release Notes and the Apache HBase homepage.
| Version | 1.4.13.50 |
| Release Date | March 2022 |
| MapR Version Interoperability | See Interoperability Matrix, Ecosystem Support Matrix, and HBase Support Matrix. |
| Source on GitHub | https://github.com/mapr/hbase |
| GitHub Release Tag | 1.4.13.50-mapr-712 |
| Maven Artifacts | https://repository.mapr.com/maven/ |
| Package Names | Navigate to https://package.ezmeral.hpe.com/releases/MEP/ and select your EEP and OS to view the list of package names. |
New in this Release
HBase 1.4.13.50 introduces the following enhancements or HPE platform-specific behavior changes:
- CVE fixes
- Bug fixes
Fixes
This HPE release includes the following fixes on the base Apache release:
| GitHub Commit Number | Date (YYYY-MM-DD) | HPE Fix Number and Description |
| 3e5774b7bd | 2022-01-25 | EEP-HBASE-275: Upgrade Log4J version to '1.3.1-mapr' |
| 1b84b97250 | 2022-01-13 | EEP-HBASE-274: HBase REST authentication doesn't work for /jmx and /conf |
| 4a7bc734a4 | 2022-01-05 | EEP-HBASE-271: Update log4j v2 to the latest available (to 2.17+) |
| e098fa5bdb | 2021-12-20 | EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571 -- Upgrading to 1.3.0-mapr |
| cf729eef81 | 2021-12-14 | EEP-HBASE-263: Log4j Vulnerabilities: CVE-2019-17571 |
| 2a8bd56e37 | 2021-12-14 | EEP-HBASE-269: CVE-2021-44228 - Log4j vulnerability in HBase |
| 225e558442 | 2021-11-25 | EEP-HBASE-268: Upgrade Jetty to 9.4.44.v20210927 to sync with Hadoop |
| 188650a45d | 2021-11-25 | EEP-HBASE-264: Nimbus-jose-jwt Vulnerabilities: CVE-2019-17195, CVE-2017-12974 and CVE-2017-12972 |
| fa4d10cd74 | 2021-11-24 | EEP-HBASE-266: Exclude bcprov-jdk15on from HBase dependencies |
| ff73de116f | 2021-11-24 | EEP-HBASE-250: HBase Thrift and Rest services fail to start on Core-7.0.0 MEP-7.1.0 with encrypted ssl passwords |
| 6cda4a2b5f | 2021-11-22 | MAPR-HBASE-254: Upgrade slf4j dependencies from 1.7.5 to 1.7.25 to sync with Hadoop |
| 52972c1f93 | 2021-11-22 | MAPR-HBASE-247: mapr-security-web jar should be taken from the cluster |
| 98d0ef0594 | 2021-11-22 | MAPR-HBASE-240: CVE-2012-5783 vulnerability in commons-httpclient. -- Part-2: Modify shutdown for HttpClient |
| 47efdc31b8 | 2021-11-22 | MAPR-HBASE-244: Upgrade Avro version to 1.10.1 |
| a84cfd7302 | 2021-11-22 | MAPR-HBASE-240: CVE-2012-5783 vulnerability in commons-httpclient. -- HBASE-16267 Remove commons-httpclient dependency from hbase-rest module |
| 41eba1a7b2 | 2021-11-22 | MAPR-HBASE-242: Too large error message/uninformative when running hbase shell from user without ticket |
| 4e6bc5079b | 2021-11-22 | MAPR-HBASE-239: WS-2019-0379: commons-codec vulnerability |
| 3860599c1f | 2021-11-22 | MAPR-HBASE-237: Sync Jackson version with hadoop-2.7.5.0 |
| d8efd1ba4e | 2021-11-22 | MAPR-HBASE-236: CVE-2020-15250 vulnerability in junit |
| 9ea81f6136 | 2021-11-22 | MAPR-HBASE-208: HBase build should use only internal repositories / mirrors |
| 59da3a380b | 2021-11-18 | EEP-HBASE-260: Netty Vulnerabilities: WS-2020-0408, CVE-2021-37137 and CVE-2021-37136 |
| 8e3ef8732c | 2021-11-15 | MAPR-HBASE-252: [Hbase] CVE-2021-42340 Apache Tomcat DoS |
| 948456c93b | 2021-11-15 | MAPR-HBASE-249: ThriftServer and RESTServer can not start on core 7.0.0 |
For complete details, refer to the commit log for this project in GitHub.
Known Issues and Limitations
This release contains the following known issues and limitations:
- None