Search
Documentation
ODP 3.3.6.2-1
What is ODP
Installation
Component User guide and Installation Instructions
Upgrade Instructions
Downgrade Instructions
Reference Guide
Security Guide
Troubleshooting Guide
Uninstall ODP
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Bug Fixes
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
Connect to Cursor
Connect to VS Code
This section lists the issues that have been resolved in this release.
ODP-Ambari
Ambari
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4852 | Fixed XML template handling to correctly escape special characters. | |
| ODP-4802 | Fixed Hive Service Check failure in 3.3.6.2-1 clusters. | |
| ODP-4781 | Fixed JCEKS warnings in non-SSL environments for Kafka, Cruise Control, and MirrorMaker2. | |
| ODP-4488, ODP-4721 | Fixed alerts and updated oozie.base.url property to auto-update when SSL is enabled. | |
| ODP-4768 | Removed duplicate SSL keystore.password entry to avoid client failures. | |
| ODP-4725 (addendum) | Added default hive.perflogger.log.level property set to INFO. | |
| ODP-4734 | Fixed Knox installation failure with standalone services. | |
| ODP-4683, ODP-4568 | Enhanced MirrorMaker2 to support multi-topology, mm2-env, and JAAS integration. | |
| ODP-4695 | Fixed handling of multiple jersey-json versions in classpath. | |
| ODP-4680 | Added SSL config handler to apply settings only when SSL is enabled. | |
| ODP-4687 | Fixed secure logging for HDFS DataNode. | |
| ODP-4681 | Fixed ZooKeeper UI quicklinks in http_only mode. | |
| ODP-4656 | Fixed Step 2 blocking issue during manual KDC setup in Ambari. | |
| ODP-4592 | Added default value for Hive keystore password. | |
| ODP-4630 | Created parent directory automatically for JCEKS files. | |
| ODP-4642 | Fixed Hive Service Check failure in 3.3.6.2-1 clusters. | |
| ODP-4631 | Changed Zeppelin default URL from /next to / to match version 0.12.0 changes. | |
| ODP-4483 | Reverted Hive and Tez hook configurations for Pulse. | |
| ODP-4529 | Changed admin.serverPort to 8070 to avoid conflict with Ambari Web UI port 8080. | |
| ODP-3396 | Updated udp_preference_limit to 1 and set default kdc_timeout in HA environments. | |
| ODP-4283 | Fixed exposed Hive SSL credentials. | |
| ODP-4480 | Fixed checkstyle issues and RAT license failures. | |
| ODP-4484 | Updated Ambari submodule from SNAPSHOT to release version. | |
| ODP-4431 | Added Hive SSL properties to hive-site.xml. | |
| ODP-4413 | Added Kafka MirrorMaker2 support for multiple topologies. | |
| ODP-4406 | Set Yarn HA enabled property type to boolean. |
Cruise Control
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4772 | Included slf4j-api version 1.7.36 to resolve logging conflicts with SLF4J 2.x. | |
| ODP-4673 | Reverted Jetty version to 9.4.44.v20210927. |
Cruise Control 3
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4772 | Included slf4j-api version 1.7.36 to resolve logging conflicts with SLF4J 2.x. | |
| ODP-4673 | Reverted Jetty version to 9.4.44.v20210927. |
Druid
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4277 | Made changes to use internal versions of components. | |
| ODP-3161 | Updated the Hive version to 4.0.1. |
Flink
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4816 | Modified HiveMetaStoreClient and HiveConf to match Hive 4.0.1.3.3.6.2-1. | |
| ODP-4766 | Skips the Debian files for RAT checks. |
Hadoop
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4277 | Fixed the compile issues with enforcer enablement and handling ODP internal versions. |
HBase
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| HBASE-29317 | Upgraded hbase-thirdparty to 4.1.11. (apache#6993) (apache#7043) |
Hue
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4518 | Fixed the Hue compile issue with pip. | |
| ODP-4445 | Added the required files for packaging. | |
| ODP-4348 | Prevents copying the global Python packages into the virtual environment. |
Kafka 3
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4505 | Upgraded pubsub-group-kafka-connector to version 1.3.2 to fix CVE-2023-2976, CVE-2020-8908, and CVE-2024-7254. | |
| ODP-4499 | Upgraded mongo-kafka to version 2.0.0 to address multiple CVEs. | |
| ODP-2749 | Upgraded protobuf-java and commons-io to address CVE-2024-7254 and CVE-2024-47554 (KAFKA-17768). |
Knox
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-1866 | Updated handling for /images, login.jsp, and other modified Ranger service definitions. | |
| ODP-4362 | KNOX-2940 | Fixed knoxcli create-alias commands to support values starting with a dash. |
| ODP-4362 | KNOX-3012 | Fixed DataNode links on the Ozone SCM UI. |
| ODP-4362 | KNOX-2958 | Fixed API samples for certain services. |
| ODP-4362 | KNOX-2915 | Added reloadDescriptors() when starting monitors. |
| ODP-4362 | KNOX-2915 | Reloaded descriptors before topology redeployment at startup. |
| ODP-4362 | KNOX-3021 | Ensured HTTP configuration is also applied to non-SSL Jetty connectors. |
| ODP-4362 | KNOX-3024 | Fixed Java detection issues. |
| ODP-4362 | KNOX-3030 | Made TopologyUtils.parse thread-safe. |
| ODP-4362 | KNOX-2996 | Added proxy for HDFS UI network topology. |
| ODP-4362 | KNOX-3012 | Fixed DataNode links on the Ozone SCM UI. |
Kudu
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4514 | KUDU-3491 | Fixed random MiniDumpExceptionHandler assertion failures when starting a newly added Kudu master. |
| KUDU-3661 | Fixed issue where Ranger policies were not honored in Kudu. | |
| KUDU-3491 | Ensured the master is destructed before creating a new one. |
Livy
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4716 | Added handling for empty keystore path. | |
| ODP-4679 | Fixed NoClassDefFoundError issue during Livy startup. | |
| ODP-4456 | Updated Spark 3 source/bin URLs for standalone tarballs for Livy3 and Zeppelin. | |
| ODP-4277 | Added Spark 3 tarball link to download ODP-specific version. | |
| ODP-4277 | Matched ODP component version. | |
| ODP-4351 | Updated Spark version to 3.5.5.3.3.6.2-1. | |
| ODP-2795 | Refactored Livy to use ambari-python-wrap. | |
| ODP-3913 | Changed distribution management to point to staging repository. | |
| ODP-3912 | Added Acceldata staging repository. | |
| ODP-3593 | Fixed CVE-2025-24970 (io.netty:netty-codec-http2:4.1.108.Final). | |
| ODP-3473 | Removed hadoop-shaded-protobuf from Livy. | |
| ODP-3475 | Matched protobuf version in Livy with Spark. | |
| ODP-3479 | Fixed sonatype-2015-0002 vulnerability in collections:20040616. | |
| ODP-3469 | Removed references to Avro. | |
| ODP-3544 | Fixed CVE-2024-53990 by upgrading asynchttpclient to 3.0.1. | |
| ODP-3478 | Fixed CVE-2020-25638 by removing org.hibernate:hibernate-core. | |
| ODP-3481 | Fixed sonatype-2023-4380 (io.netty:netty-codec-http2:4.1.94.Final) — matched Spark version to 4.1.108. | |
| ODP-3489 | Fixed sonatype-2022-6438 by bumping jackson-core to 2.15.4. | |
| ODP-3475 | Removed com.google.protobuf:protobuf-java:2.5.0 from spark-hive_ in Livy. | |
| ODP-3487 | Fixed CVE-2022-34169 in xalan:xalan:2.7.2. | |
| ODP-3470 | Removed org.apache.thrift:libthrift:0.9.3 (libfb303) to address CVE-2018-1320. | |
| ODP-3485 | Bumped metrics version to 4.2.30. | |
| ODP-3486 | Fixed CVE-2024-29857 by removing bouncycastle:bcprov-jdk18on:1.77. | |
| ODP-3480 | Fixed CVE-2024-52046 by excluding mina-core test jars. | |
| ODP-3465 | Fixed CVE-2022-22965 in org.springframework:spring-beans:4.3.19.RELEASE (duplicate fix entries consolidated). | |
| ODP-3464 | Fixed CVE-2020-10683 in dom4j:dom4j:1.6.1. | |
| ODP-3480 | Fixed CVE-2024-52046 in org.eclipse.jetty:jetty-runner:9.4.50.v20221201. | |
| ODP-2050 | Fixed jetty-webapp version. | |
| ODP-2050 | Fixed guava version. |
NiFi
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4272 | Fixed NiFi/NiFi Registry service check for JDK 11 compatibility. | |
| ODP-4654 | Resolved NiFi service start failure (java.lang.ClassNotFoundException: org.apache.nifi.toolkit.encryptconfig.EncryptConfigMain). | |
| ODP-4991 | NIFI-14057 | Return HTTP 405 for TRACE and OPTIONS on all paths for ListenHTTP (apache#9563). |
| ODP-4729 | Fixed missing Jackson dependency in NiFi Registry. |
Ozone
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4647 | HDDS-11617 | Fixed SCM service startup failure caused by protobuf incompatibility. |
| ODP-4750 | Set protobuf-java version to 3.25.5 in Ozone. |
Pinot
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4277 | Avoided Kafka 2 & 3 dependency convergence errors and added distribution management. | |
| ODP-4814 | Fixed null handling on the Zookeeper Browser page. |
Schema Registry
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4796 | Fixed Guava version ambiguity caused by Dropwizard upgrade. | |
| ODP-4631 | Excluded Jackson 2.14.1 from Glassfish to avoid conflicts. | |
Reverted patch for CVE-2022-1471 related to org.yaml_snakeyaml (OSV-3131 / OSV-3118). | ||
Addressed CVE-2023-5072 in org.json_json (OSV-3120 / OSV-3121). | ||
Addressed CVE-2022-1471 in org.yaml_snakeyaml (OSV-3131 / OSV-3118). | ||
Addressed CVE-2023-31582 in org.bitbucket.b_c_jose4j 0.7.9 (OSV-3132). | ||
Addressed CVE-2024-1597 in org.postgresql_postgresql 42.4.1 (OSV-3134). | ||
Addressed CVE-2023-1370 in net.minidev_json-smart 2.4.8 (OSV-3125). | ||
Addressed CVE-2025-48734 in commons-beanutils_commons-beanutils 1.9.4 (OSV-3122). | ||
Addressed CVE-2024-22201 in org.eclipse.jetty_jetty-io 9.4.48 (OSV-3126 to OSV-3129). | ||
| ODP-4296 | Fixed exposure of database passwords via REGISTRY_DB_PASSWORD environment variable. | |
| ODP-4277 | Fixed staging URL accessibility and aligned Kafka Ranger versions. |
Spark
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4858 | Fixed Hudi/Delta SQL query issues caused by ANTLR version conflict. | |
| ODP-780 | Updated libthrift from 0.12.0 to 0.14.1 for Hive 3.1.4 connectivity. | |
| ODP-1603 | Fixed Could not initialize class org.apache.commons.text.StringEscapeUtils error. | |
| SPARK-51950 | Upgraded Parquet to version 1.15.2. | |
| ODP-4446 | Upgraded Derby to 10.14.3 to fix CVE-2022-46337. | |
| ODP-4444 | Upgraded jetty-server to 9.4.57.v20241219 to fix CVE-2024-13009. | |
| ODP-4422 | Added DeltaLake profile and updated Open Table Format versions. | |
| ODP-2118 | Upgraded Hudi, DeltaLake, and Iceberg versions for Open Table Client. | |
| ODP-3913 | Changed distribution management to point to the staging repository. | |
| ODP-3791 | Increased okhttp version to 4.12.0 to fix CVE-2021-0341. | |
| ODP-3792 | Increased jackson-databind version to 2.17.2 to fix CVE-2021-0341. | |
| ODP-1486, ODP-1303 | Upgraded commons-text to 1.11.0. | |
| ODP-3411, ODP-3361 | Bumped Hudi version to internal 0.15.2 (note: some revert commits exist). | |
| ODP-3772 | Increased datanucleus-rdbms and datanucleus-core to 6.0.1 to fix sonatype-2020-0972 vulnerabilities. | |
| ODP-3411 | Upgraded gcs-aws-java-sdk-bundle to 1.12.782 to fix CVEs: 2024-47535, 2023-34462, 2024-29025. | |
| ODP-3411 | Upgraded commons-io to 2.18 to fix CVE-2024-47554. | |
| ODP-2269 | Fixed NoClassDefFoundError for InternalFutureFailureAccess class. | |
| ODP-3361 | Upgraded Iceberg to 1.7.0 to fix CVE-2024-47561. | |
| ODP-2866 | Upgraded Gson version to 2.8.9. | |
| ODP-3361 | Upgraded DBCP to 2.9.0 to fix CVE-2020-36186. |
Sqoop
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4589 | Fixed the Sqoop Import issue with Hive-based timestamp conversions (#19). |
Trino
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4817 | Suppressed the duplicate protobuf resource failures in build. | |
| ODP-4753 | Fixed the trino deploy in pom.xml |
ZooKeeper
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| ODP-4350 | ZOOKEEPER-2332 | Fixed server startup failure caused by empty transaction log. |
| ODP-4350 | ZOOKEEPER-4715 | Verified file size and position in testGetCurrentLogSize. |
| ODP-4350 | ZOOKEEPER-4906 | Logged full exception details for server JAAS configuration failure. |
| ODP-4350 | ZOOKEEPER-4839 | Fixed SASL DIGEST-MD5 authentication using last successfully logged-in username. |
| ODP-4350 | ZOOKEEPER-4886 | Fixed issue preventing observer with small myid from joining SASL quorum. |
| ODP-4350 | ZOOKEEPER-4889 | Disabled fallback to DIGEST-MD5 authentication mechanism in FIPS mode. |
| ODP-4350 | ZOOKEEPER-4907 | Stopped client packet processing after the server channel is closed. |
| ODP-4350 | ZOOKEEPER-4020 | Fixed memory leak from SSL certificate in C client. |
| ODP-4350 | ZOOKEEPER-4699 | Fixed hostname use-after-free issue in the C client. |
| ODP-4350 | ZOOKEEPER-4712 | Fixed partial shutdown of ZooKeeperServer and its processors. |
| ODP-4350 | ZOOKEEPER-4843 | Fixed 'Unreasonable Length' error when configuring jute.maxbuffer to 1GB or more. |
| ODP-4350 | ZOOKEEPER-4394 | Ensured only committed requests are applied in sync with the leader before NEWLEADER ACK. |
| ODP-4350 | ZOOKEEPER-2623 | Forbade OpCode.check outside OpCode.multi. |
| ODP-4350 | ZOOKEEPER-4409 | Fixed NullPointerException in SendAckRequestProcessor. |
Backported Ranger Bug Fixes from 2.6.0 to ODP v2.5.0.3.3.6.2-1
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| RANGER-4919 | Fixed Maven build failures after Knox Gateway upgrade to version 2.0.0. | 2.6.0 |
| RANGER-4915 | Strengthened default SSL ciphers for the user sync service. | 2.6.0 |
| RANGER-4833 | Replaced Bootbox.js with Bootprompt.js for UI dialogs. | 2.6.0 |
| RANGER-5002 | Fixed Oracle installation failure during vx_principal schema creation. | 2.6.0 |
| RANGER-4949 | Fixed security zone creation failure in Oracle DB when any role is selected. | 2.6.0 |
| RANGER-4977 | Fixed HBase scan results returning denied columns. | 2.6.0 |
| RANGER-5169 | Fixed error during Master Key migration from older format to external key store. | 2.6.0 |
| RANGER-5124 | Fixed mismatch between policy/tag active time and last update/policy download timestamps. | 2.6.0 |
| RANGER-4969 | Upgraded Commons IO library to version 2.17.0 to fix related issues. | 2.6.0 |
Backported Bug Fixes from 3.0.0 to ODP-Ambari v2.7.9.2-1
| ODP JIRA | Apache JIRA | Description |
|---|---|---|
| AMBARI-26519 | Added additional public/local check during first-time initialization. | |
| ODP-4349 | AMBARI-26240 | Fixed alter dispatcher issue. |
| ODP-4349 | AMBARI-26081 | Fixed TestConfigs Python test case failures in Ambari. |
| ODP-4349 | AMBARI-26105 | Fixed TestPortAlert.py unit test failures due to Python 2→3 migration. |
| ODP-4349 | AMBARI-26255 | Fixed issue preventing addition of capacity-scheduler views. |
| ODP-4349 | AMBARI-26234 | Fixed ClusterNotFoundException in Confirm Hosts stage during cluster deployment. |
| ODP-4349 | AMBARI-26115 | Fixed incorrect resolution of $PYTHONPATH. |
| ODP-4349 | AMBARI-25897 | Fixed default SPNEGO configuration example in hive-site.xml. |
| ODP-4349 | AMBARI-25970 | Fixed incorrect Ambari Infra Solr service configuration. |
| ODP-4349 | AMBARI-26276 | Fixed HDFS web service check failure. |
| ODP-4349 | AMBARI-25968 | Fixed Ambari Admin compilation failure. |
| ODP-4349 | AMBARI-26120 | Disabled hosts are now excluded when selecting all hosts in the install wizard, step 6. |
| ODP-4349 | AMBARI-25928 | Fixed continuous increase of WebSocket connections in the Ambari web UI. |
| ODP-4349 | AMBARI-26198 | Fixed time range selector is not hiding automatically. |
| ODP-4349 | AMBARI-26194 | Fixed non-functional action button on Ambari host page. |
| ODP-4349 | AMBARI-26205 | Fixed dropdown menu flex layout overflow. |
| ODP-4349 | AMBARI-26251 | Fixed tooltip display issue. |
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on Aug 11, 2025
Was this page helpful?
Next to read:
Fixed CVEsDiscard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message