ranger icon indicating copy to clipboard operation
ranger copied to clipboard
verified publisher icon apache

Update Hadoop To 3.3.4

Open mr1716 opened this issue 3 years ago • 2 comments

Upgrading Hadoop to 3.3.4 will help reduce the number of open CVEs in the ranger product

mr1716 avatar Aug 24 '22 12:08 mr1716

hello, is there an update on this?

I tried updating hadoop from 3.3.0 to 3.3.2 and faced the following exception while starting the ranger admin server:

Exception in thread "main" java.lang.NoClassDefFoundError: com/ctc/wstx/io/InputBootstrapper
at org.apache.ranger.credentialapi.CredentialReader.getDecryptedString(CredentialReader.java:39)
at org.apache.ranger.server.tomcat.EmbeddedServer.getKeyManagers(EmbeddedServer.java:414)
at org.apache.ranger.server.tomcat.EmbeddedServer.getSSLContext(EmbeddedServer.java:388)
at org.apache.ranger.server.tomcat.EmbeddedServer.start(EmbeddedServer.java:99)
at org.apache.ranger.server.tomcat.EmbeddedServer.main(EmbeddedServer.java:84)
Caused by: java.lang.ClassNotFoundException: com.ctc.wstx.io.InputBootstrapper
at java.net.URLClassLoader.findClass(URLClassLoader.java:387)
at java.lang.ClassLoader.loadClass(ClassLoader.java:418)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:352)
at java.lang.ClassLoader.loadClass(ClassLoader.java:351)
... 5 more

curious to know if this is resolved in any of the further hadoop versions that are CVE free?

shreedhar22 avatar Sep 01 '22 20:09 shreedhar22

It seems the below jars are missing or conflicts with the other transitive dependencies com.fasterxml.woodstox:woodstox-core:jar org.codehaus.woodstox:stax2-api:jar

ramackri avatar Sep 02 '22 05:09 ramackri