HBase 1.4.14.850 - 2510 (DEP 10.0.0) Release Notes

The notes below relate to the HPE Data Fabric distribution of HBase.

These release notes contain only HPE-specific information and are not necessarily cumulative in nature. You may also be interested in the Ecosystem Component Release Notes and the Apache HBase homepage.

Version 1.4.14.850
Release Date October 2025
Version Interoperability See Interoperability Matrix, Ecosystem Support Matrix, and HBase Support Matrix.
Source on GitHub https://github.com/mapr/hbase
GitHub Release Tag 1.4.14.850-dep-1000
Maven Artifacts https://repository.mapr.com/maven/
Package Names Navigate to https://package.ezmeral.hpe.com/releases/MEP/ and select your DEP (EEP or MEP) and OS to view the list of package names.

New in this Release

HBase 1.4.14.800 introduces the following enhancements or HPE platform-specific behavior changes:
  • CVEs fixes
  • Bug fixes

Fixes

This HPE release includes the following fixes on the base Apache release. For details, refer to the commit log for this project in GitHub:

GitHub Commit Number Date (YYYY-MM-DD) HPE Fix Number and Description
be3a05b39ee 2025-09-28 EEP-HBASE-434: HBase services fail to start after hadoop CVE updates
73cc48ff4fc 2025-09-08 EEP-HBASE-428: DEP 10.0.0:: Vulnerable version of tomcat-catalina 10.1.39 bundled as part of the mapr-hbase-1.4.14.850.202508260958-1.noarch.rpm
30e4759fce4 2025-09-08 EEP-HBASE-430: DEP 10.0.0:: Vulnerable version of bctls-fips 1.0.11.4 bundled as part of the mapr-hbase-1.4.14.850.202508260958-1.noarch.rpm
6bc15f5d1e7 2025-09-08 EEP-HBASE-431: DEP 10.0.0:Vulnerable version of jetty-server 9.4.54.v20240208 bundled as part of the mapr-hbase-1.4.14.850.202508260958-1.noarch.rpm.

For complete details, refer to the commit log for this project in GitHub.

Known Issues and Limitations

  • Redirect to Non-Existent “/login” Page After Authentication:

    As part of the SSO implementation in Hadoop, HBase service UIs now redirect users to a “/login” endpoint after authenticating with a username and password. However, the HBase service UIs currently do not have a “/login” page implemented, resulting in an “HTTP ERROR 404 Not Found”.

    Workaround:

    If redirected to a URL ending in “/login”, manually remove “/login” from the address bar to access the service UI.

    Example:

    After logging in at https://<hostname>:9095, the browser redirects to https://<hostname>:9095/login, which will return a 404 error. To continue, remove “/login” from the URL

Resolved Issues

None.