You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@datalab.apache.org by "Ruslan Kulynych (Jira)" <ji...@apache.org> on 2022/03/10 09:05:00 UTC
[jira] [Created] (DATALAB-2733) [GCP] Error during Dataproc cluster creation "Selected software image version is vulnerable to remote code execution"
Ruslan Kulynych created DATALAB-2733:
----------------------------------------
Summary: [GCP] Error during Dataproc cluster creation "Selected software image version is vulnerable to remote code execution"
Key: DATALAB-2733
URL: https://issues.apache.org/jira/browse/DATALAB-2733
Project: Apache DataLab
Issue Type: Bug
Security Level: Public (Regular Issues)
Affects Versions: v.2.5.2
Reporter: Ruslan Kulynych
Assignee: Leonid Frolov
Fix For: v.2.5.2
Attachments: gcp_dataproc_error_version.PNG
*Preconditions:*
# Jupyter notebook is in running status
*Steps to reproduce:*
# Create Dataproc cluster
*Actual result:*
# Dataproc cluster creation error
{code:java}
"Selected software image version 2.0.0-RC22-ubuntu18 is vulnerable to remote code execution due to a log4j vulnerability (CVE-2021-44228) and cannot be used to create new clusters. Please upgrade to image versions >=1.3.95, >=1.4.77, >=1.5.53, or >=2.0.27. For more information, see https://cloud.google.com/dataproc/docs/guides/recreate-cluster". Details: "Selected software image version 2.0.0-RC22-ubuntu18 is vulnerable to remote code execution due to a log4j vulnerability (CVE-2021-44228) and cannot be used to create new clusters. Please upgrade to image versions >=1.3.95, >=1.4.77, >=1.5.53, or >=2.0.27."> {code}
*Expected result:*
# Dataproc cluster creation is successful
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@datalab.apache.org
For additional commands, e-mail: dev-help@datalab.apache.org