Posted to common-commits@hadoop.apache.org by aa...@apache.org on 2022/06/15 15:25:33 UTC

[hadoop-site] branch asf-site updated: Add CVE-2021-33036 description

This is an automated email from the ASF dual-hosted git repository.

aajisaka pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/hadoop-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new 4f2c1119d8 Add CVE-2021-33036 description
4f2c1119d8 is described below

commit 4f2c1119d8e5841c4d15a57fdc90bba9023d152c
Author: Akira Ajisaka <ak...@amazon.com>
AuthorDate: Thu Jun 16 00:23:22 2022 +0900

    Add CVE-2021-33036 description
---
 content/cve_list.html     | 15 ++++++++++
 content/index.html        |  2 +-
 content/index.xml         | 74 +++++++++++++++++++++++------------------------
 content/news/index.xml    |  2 +-
 content/release/index.xml | 50 ++++++++++++++++----------------
 content/who.html          | 14 ++++-----
 src/cve_list.md           | 17 +++++++++++
 7 files changed, 103 insertions(+), 71 deletions(-)

diff --git a/content/cve_list.html b/content/cve_list.html
index 19df2ce088..398d434574 100644
--- a/content/cve_list.html
+++ b/content/cve_list.html
@@ -169,6 +169,21 @@ One paragraph summary goes here. Don't need nuts-and-bolts detail, just enough f
 - **Reported Date**:
 - **Issue Announced**:
 -->
+<h2 id="cve-2021-33036httpcvemitreorgcgi-bincvenamecginamecve-2021-33036-apache-hadoop-privilege-escalation-vulnerability"><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33036">CVE-2021-33036</a> Apache Hadoop Privilege escalation vulnerability</h2>
+<p>In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to
+3.2.2, and 3.3.0 to 3.3.1, A user who can escalate to yarn user can
+possibly run arbitrary commands as root user.</p>
+<p>If you are using the affected version of Apache Hadoop and some users
+can escalate to yarn user and cannot escalate to root user, remove the
+permission to escalate to yarn user from them.</p>
+<ul>
+<li><strong>Versions affected</strong>: 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, 3.3.0 to 3.3.1</li>
+<li><strong>Fixed versions</strong>: 3.2.3, 3.3.2</li>
+<li><strong>Impact</strong>: privilege escalation</li>
+<li><strong>Reporter</strong>: Hideyuki Furue</li>
+<li><strong>Reported Date</strong>: 2021/05/05</li>
+<li><strong>Issue Announced</strong>: 2022/06/15 (<a href="https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5">general@hadoop</a>)</li>
+</ul>
 <h2 id="cve-2022-26612httpcvemitreorgcgi-bincvenamecginamecve-2022-26612-arbitrary-file-write-during-untar-on-windows"><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26612">CVE-2022-26612</a> Arbitrary file write during untar on Windows</h2>
 <p>In Apache Hadoop, The <code>unTar</code> function uses <code>unTarUsingJava</code> function on Windows and the built-in tar utility on Unix and other OSes.  As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same <code>targetDirPath</code> check on Unix because of the <code [...]
 <p>Users of the affected versions should apply either of the following mitigations:</p>
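Review bot: The added CVE-2021-33036 entry lists "Fixed versions: 3.2.3, 3.3.2" while "Versions affected" also covers 2.2.0 to 2.10.1 and 3.0.0-alpha1 to 3.1.4, so readers on the 2.x, 3.0.x and 3.1.x lines are not told whether a fix exists for their line. Suggest stating that explicitly, and adding "upgrade to a fixed version" to the mitigation paragraph, which currently only offers removing the permission to escalate to the yarn user. Minor: "A user who can escalate" in the first paragraph should be lower-case "a user", and the CVE link uses http:// where the announcement link in the same entry uses https://.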
diff --git a/content/index.html b/content/index.html
index baccf90a93..78b5d552c9 100644
--- a/content/index.html
+++ b/content/index.html
@@ -3,7 +3,7 @@
 <!DOCTYPE html>
 <html lang="en">
   <head>
-	<meta name="generator" content="Hugo 0.96.0" />
+	<meta name="generator" content="Hugo 0.100.2" />
     <meta charset="utf-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1">
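Review bot: The generator meta tag moves from "Hugo 0.96.0" to "Hugo 0.100.2" in a commit whose message is only "Add CVE-2021-33036 description". The diffstat shows content/index.xml, content/release/index.xml and content/who.html regenerated alongside it, which buries the advisory text in generator churn. Suggest landing the Hugo upgrade and its regenerated output as a separate commit, or pinning the Hugo version used for site builds, so that a security advisory commit contains only the advisory.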
diff --git a/content/index.xml b/content/index.xml
index 77fecdb8eb..2bbdd660f6 100644
--- a/content/index.xml
+++ b/content/index.xml
@@ -550,7 +550,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       
       <guid>https://hadoop.apache.org/release/2.7.0.html</guid>
       <description>Apache Hadoop 2.7.0 contains a number of significant enhancements. A few of them are noted below.
- IMPORTANT notes This release drops support for JDK6 runtime and works with JDK 7+ only. This release is not yet ready for production use. Critical issues are being ironed out via testing and downstream adoption. Production users should wait for a 2.7.1/2.7.2 release. Hadoop Common HADOOP-9629 - Support Windows Azure Storage - Blob as a file system in Hadoop.</description>
+IMPORTANT notes This release drops support for JDK6 runtime and works with JDK 7+ only. This release is not yet ready for production use. Critical issues are being ironed out via testing and downstream adoption. Production users should wait for a 2.7.1/2.7.2 release. Hadoop Common HADOOP-9629 - Support Windows Azure Storage - Blob as a file system in Hadoop.</description>
     </item>
     
     <item>
@@ -569,7 +569,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       
       <guid>https://hadoop.apache.org/release/2.6.0.html</guid>
       <description>Apache Hadoop 2.6.0 contains a number of significant enhancements such as:
- Hadoop Common HADOOP-10433 - Key management server (beta) HADOOP-10607 - Credential provider (beta) Hadoop HDFS Heterogeneous Storage Tiers - Phase 2 HDFS-5682 - Application APIs for heterogeneous storage HDFS-7228 - SSD storage tier HDFS-5851 - Memory as a storage tier (beta) HDFS-6584 - Support for Archival Storage HDFS-6134 - Transparent data at rest encryption (beta) HDFS-2856 - Operating secure DataNode without requiring root access HDFS-6740 - Hot swap drive: support add/remove da [...]
+Hadoop Common HADOOP-10433 - Key management server (beta) HADOOP-10607 - Credential provider (beta) Hadoop HDFS Heterogeneous Storage Tiers - Phase 2 HDFS-5682 - Application APIs for heterogeneous storage HDFS-7228 - SSD storage tier HDFS-5851 - Memory as a storage tier (beta) HDFS-6584 - Support for Archival Storage HDFS-6134 - Transparent data at rest encryption (beta) HDFS-2856 - Operating secure DataNode without requiring root access HDFS-6740 - Hot swap drive: support add/remove dat [...]
     </item>
     
     <item>
@@ -589,7 +589,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       <guid>https://hadoop.apache.org/release/2.5.0.html</guid>
       <description>Apache Hadoop 2.5.0 is a minor release in the 2.x release line.
 The release includes the following major features and improvements:
- Authentication improvements when using an HTTP proxy server. A new Hadoop Metrics sink that allows writing directly to Graphite. Specification for Hadoop Compatible Filesystem effort. Support for POSIX-style filesystem extended attributes. OfflineImageViewer to browse an fsimage via the WebHDFS API. Supportability improvements and bug fixes to the NFS gateway.</description>
+Authentication improvements when using an HTTP proxy server. A new Hadoop Metrics sink that allows writing directly to Graphite. Specification for Hadoop Compatible Filesystem effort. Support for POSIX-style filesystem extended attributes. OfflineImageViewer to browse an fsimage via the WebHDFS API. Supportability improvements and bug fixes to the NFS gateway.</description>
     </item>
     
     <item>
@@ -600,7 +600,7 @@ The release includes the following major features and improvements:
       <guid>https://hadoop.apache.org/release/2.4.1.html</guid>
       <description>Apache Hadoop 2.4.1 is a bug-fix release for the stable 2.4.x line.
 There is also a security bug fix in this minor release.
- CVE-2014-0229: Add privilege checks to HDFS admin sub-commands refreshNamenodes, deleteBlockPool and shutdownDatanode.  Users are encouraged to immediately move to 2.4.1.
+CVE-2014-0229: Add privilege checks to HDFS admin sub-commands refreshNamenodes, deleteBlockPool and shutdownDatanode. Users are encouraged to immediately move to 2.4.1.
 Please see the Hadoop 2.4.1 Release Notes for details.</description>
     </item>
     
@@ -621,7 +621,7 @@ Please see the Hadoop 0.23.11 Release Notes for details.</description>
       
       <guid>https://hadoop.apache.org/release/2.4.0.html</guid>
       <description>Apache Hadoop 2.4.0 contains a number of significant enhancements such as:
- Support for Access Control Lists in HDFS Native support for Rolling Upgrades in HDFS Usage of protocol-buffers for HDFS FSImage for smooth operational upgrades Complete HTTPS support in HDFS Support for Automatic Failover of the YARN ResourceManager Enhanced support for new applications on YARN with Application History Server and Application Timeline Server Support for strong SLAs in YARN CapacityScheduler via Preemption  Please see the Hadoop 2.</description>
+Support for Access Control Lists in HDFS Native support for Rolling Upgrades in HDFS Usage of protocol-buffers for HDFS FSImage for smooth operational upgrades Complete HTTPS support in HDFS Support for Automatic Failover of the YARN ResourceManager Enhanced support for new applications on YARN with Application History Server and Application Timeline Server Support for strong SLAs in YARN CapacityScheduler via Preemption Please see the Hadoop 2.</description>
     </item>
     
     <item>
@@ -631,7 +631,7 @@ Please see the Hadoop 0.23.11 Release Notes for details.</description>
       
       <guid>https://hadoop.apache.org/release/2.3.0.html</guid>
       <description>Apache Hadoop 2.3.0 contains a number of significant enhancements such as:
- Support for Heterogeneous Storage hierarchy in HDFS. In-memory cache for HDFS data with centralized administration and management. Simplified distribution of MapReduce binaries via HDFS in YARN Distributed Cache.  Please see the Hadoop 2.3.0 Release Notes for details.</description>
+Support for Heterogeneous Storage hierarchy in HDFS. In-memory cache for HDFS data with centralized administration and management. Simplified distribution of MapReduce binaries via HDFS in YARN Distributed Cache. Please see the Hadoop 2.3.0 Release Notes for details.</description>
     </item>
     
     <item>
@@ -653,7 +653,7 @@ Please see the Hadoop 0.23.10 Release Notes for details.</description>
       <description>Apache Hadoop 2.2.0 is the GA release of Apache Hadoop 2.x.
 Users are encouraged to immediately move to 2.2.0 since this release is significantly more stable and is guaranteed to remain compatible in terms of both APIs and protocols.
 To recap, this release has a number of significant highlights compared to Hadoop 1.x:
- YARN - A general purpose resource management system for Hadoop to allow MapReduce and other other data processing frameworks and services High Availability for HDFS HDFS Federation HDFS Snapshots NFSv3 access to data in HDFS Support for running Hadoop on Microsoft Windows Binary Compatibility for MapReduce applications built on hadoop-1.</description>
+YARN - A general purpose resource management system for Hadoop to allow MapReduce and other other data processing frameworks and services High Availability for HDFS HDFS Federation HDFS Snapshots NFSv3 access to data in HDFS Support for running Hadoop on Microsoft Windows Binary Compatibility for MapReduce applications built on hadoop-1.</description>
     </item>
     
     <item>
@@ -675,7 +675,7 @@ Please see the Hadoop 2.1.1-beta Release Notes for details.</description>
       <description>Apache Hadoop 2.1.0-beta is the beta release of Apache Hadoop 2.x.
 Users are encouraged to immediately move to 2.1.0-beta since this release is significantly more stable and has completley whetted set of APIs and wire-protocols for future compatibility.
 In addition, this release has a number of other significant highlights:
- HDFS Snapshots Support for running Hadoop on Microsoft Windows YARN API stabilization Binary Compatibility for MapReduce applications built on hadoop-1.x Substantial amount of integration testing with rest of projects in the ecosystem  Please see the Hadoop 2.</description>
+HDFS Snapshots Support for running Hadoop on Microsoft Windows YARN API stabilization Binary Compatibility for MapReduce applications built on hadoop-1.x Substantial amount of integration testing with rest of projects in the ecosystem Please see the Hadoop 2.</description>
     </item>
     
     <item>
@@ -736,7 +736,7 @@ Please see the Hadoop 0.23.8 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/1.2.0.html</guid>
       <description>This is a beta release for version 1.2.
 This release delivers over 200 enhancements and bug-fixes, compared to the previous 1.1.2 release. Major enhancements include:
- DistCp v2 backported Web services for JobTracker WebHDFS enhancements Extensions of task placement and replica placement policy interfaces Offline Image Viewer backported Namenode more robust in case of edit log corruption Add NodeGroups level to NetworkTopology Add &amp;ldquo;unset&amp;rdquo; to Configuration API  Please see the Hadoop 1.</description>
+DistCp v2 backported Web services for JobTracker WebHDFS enhancements Extensions of task placement and replica placement policy interfaces Offline Image Viewer backported Namenode more robust in case of edit log corruption Add NodeGroups level to NetworkTopology Add &amp;ldquo;unset&amp;rdquo; to Configuration API Please see the Hadoop 1.</description>
     </item>
     
     <item>
@@ -776,7 +776,7 @@ Please see the Hadoop 0.23.7 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/2.0.3-alpha.html</guid>
       <description>This is the latest (alpha) version in the hadoop-2.x series.
 This release delivers significant major features and stability over previous releases in hadoop-2.x series:
- QJM for HDFS HA for NameNode Multi-resource scheduling (CPU and memory) for YARN YARN ResourceManager Restart Significant stability at scale for YARN (over 30,000 nodes and 14 million applications so far, at time of release)  This release, like previous releases in hadoop-2.x series is still considered alpha primarily since some of APIs aren&amp;rsquo;t fully-baked and we expect some churn in future.</description>
+QJM for HDFS HA for NameNode Multi-resource scheduling (CPU and memory) for YARN YARN ResourceManager Restart Significant stability at scale for YARN (over 30,000 nodes and 14 million applications so far, at time of release) This release, like previous releases in hadoop-2.x series is still considered alpha primarily since some of APIs aren&amp;rsquo;t fully-baked and we expect some churn in future.</description>
     </item>
     
     <item>
@@ -826,7 +826,7 @@ Please see the Hadoop 0.23.4 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/1.1.0.html</guid>
       <description>This is a beta release for version 1.1.
 This release has approximately 135 enhancements and bug fixes compared to Hadoop-1.0.4, including:
- Many performance improvements in HDFS, backported from trunk Improvements in Security to use SPNEGO instead of Kerberized SSL for HTTP transactions Lower default minimum heartbeat for task trackers from 3 sec to 300msec to increase job throughput on small clusters Port of Gridmix v3 Set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 Splittable bzip2 files Of course it also has the same security fix as release 1.</description>
+Many performance improvements in HDFS, backported from trunk Improvements in Security to use SPNEGO instead of Kerberized SSL for HTTP transactions Lower default minimum heartbeat for task trackers from 3 sec to 300msec to increase job throughput on small clusters Port of Gridmix v3 Set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 Splittable bzip2 files Of course it also has the same security fix as release 1.</description>
     </item>
     
     <item>
@@ -837,7 +837,7 @@ This release has approximately 135 enhancements and bug fixes compared to Hadoop
       <guid>https://hadoop.apache.org/release/1.0.4.html</guid>
       <description>This is a Security Patch release for version 1.0.
 There are four bug fixes and feature enhancements in this minor release:
- Security issue CVE-2012-4449: Hadoop tokens use a 20-bit secret HADOOP-7154 - set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 HDFS-3652 - FSEditLog failure removes the wrong edit stream when storage dirs have same name MAPREDUCE-4399 - Fix (up to 3x) performance regression in shuffle  Please see the Hadoop 1.</description>
+Security issue CVE-2012-4449: Hadoop tokens use a 20-bit secret HADOOP-7154 - set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 HDFS-3652 - FSEditLog failure removes the wrong edit stream when storage dirs have same name MAPREDUCE-4399 - Fix (up to 3x) performance regression in shuffle Please see the Hadoop 1.</description>
     </item>
     
     <item>
@@ -879,7 +879,7 @@ Please see the Hadoop 2.0.1-alpha Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/2.0.0-alpha.html</guid>
       <description>This is the first (alpha) version in the hadoop-2.x series.
 This delivers significant major features over the currently stable hadoop-1.x series including:
- HDFS HA for NameNode (manual failover) YARN aka NextGen MapReduce HDFS Federation Performance Wire-compatibility for both HDFS and YARN/MapReduce (using protobufs)  Please see the Hadoop 2.0.0-alpha Release Notes for details.</description>
+HDFS HA for NameNode (manual failover) YARN aka NextGen MapReduce HDFS Federation Performance Wire-compatibility for both HDFS and YARN/MapReduce (using protobufs) Please see the Hadoop 2.0.0-alpha Release Notes for details.</description>
     </item>
     
     <item>
@@ -890,7 +890,7 @@ This delivers significant major features over the currently stable hadoop-1.x se
       <guid>https://hadoop.apache.org/release/1.0.3.html</guid>
       <description>This is a bug fix release for version 1.0.
 Bug fixes and feature enhancements in this minor release include:
- 4 patches in support of non-Oracle JDKs several patches to clean up error handling and log messages various production issue fixes  Please see the Hadoop 1.0.3 Release Notes for details.</description>
+4 patches in support of non-Oracle JDKs several patches to clean up error handling and log messages various production issue fixes Please see the Hadoop 1.0.3 Release Notes for details.</description>
     </item>
     
     <item>
@@ -901,7 +901,7 @@ Bug fixes and feature enhancements in this minor release include:
       <guid>https://hadoop.apache.org/release/1.0.2.html</guid>
       <description>This is a bug fix release for version 1.0.
 Bug fixes and feature enhancements in this minor release include:
- Snappy compressor/decompressor is available Occassional deadlock in metrics serving thread fixed 64-bit secure datanodes failed to start, now fixed Changed package names for 64-bit rpm/debs to use &amp;ldquo;.x86_64.&amp;rdquo; instead of &amp;ldquo;.amd64.&amp;rdquo;  Please see the Hadoop 1.0.2 Release Notes for details.</description>
+Snappy compressor/decompressor is available Occassional deadlock in metrics serving thread fixed 64-bit secure datanodes failed to start, now fixed Changed package names for 64-bit rpm/debs to use &amp;ldquo;.x86_64.&amp;rdquo; instead of &amp;ldquo;.amd64.&amp;rdquo; Please see the Hadoop 1.0.2 Release Notes for details.</description>
     </item>
     
     <item>
@@ -912,7 +912,7 @@ Bug fixes and feature enhancements in this minor release include:
       <guid>https://hadoop.apache.org/release/1.0.1.html</guid>
       <description>This is a bug fix release for version 1.0. This release is now considered stable, replacing the long-standing 0.20.203.
 Bug fixes in this minor release include:
- Added hadoop-client and hadoop-minicluster artifacts for ease of client install and testing Support run-as-user in non-secure mode Better compatibility with Ganglia, HBase, and Sqoop  Please see the Hadoop 1.0.1 Release Notes for details.</description>
+Added hadoop-client and hadoop-minicluster artifacts for ease of client install and testing Support run-as-user in non-secure mode Better compatibility with Ganglia, HBase, and Sqoop Please see the Hadoop 1.0.1 Release Notes for details.</description>
     </item>
     
     <item>
@@ -923,7 +923,7 @@ Bug fixes in this minor release include:
       <guid>https://hadoop.apache.org/release/0.23.1.html</guid>
       <description>This is the second alpha version of the hadoop-0.23 major release after the first alpha 0.23.0. This release has significant improvements compared to 0.23.0 but should still be considered as alpha-quality and not for production use.
 hadoop-0.23.1 contains several major advances from 0.23.0:
- Lots of bug fixes and improvements in both HDFS and MapReduce Major performance work to make this release either match or exceed performance of Hadoop-1 in most aspects of both HDFS and MapReduce.</description>
+Lots of bug fixes and improvements in both HDFS and MapReduce Major performance work to make this release either match or exceed performance of Hadoop-1 in most aspects of both HDFS and MapReduce.</description>
     </item>
     
     <item>
@@ -933,7 +933,7 @@ hadoop-0.23.1 contains several major advances from 0.23.0:
       
       <guid>https://hadoop.apache.org/release/1.0.0.html</guid>
       <description>After six years of gestation, Hadoop reaches 1.0.0! This release is from the 0.20-security code line, and includes support for:
- security HBase (append/hsynch/hflush, and security) webhdfs (with full support for security) performance enhanced access to local files for HBase other performance enhancements, bug fixes, and features  Please see the complete Hadoop 1.0.0 Release Notes for details.</description>
+security HBase (append/hsynch/hflush, and security) webhdfs (with full support for security) performance enhanced access to local files for HBase other performance enhancements, bug fixes, and features Please see the complete Hadoop 1.0.0 Release Notes for details.</description>
     </item>
     
     <item>
@@ -945,8 +945,8 @@ hadoop-0.23.1 contains several major advances from 0.23.0:
       <description>This release contains many bug fixes and optimizations compared to its predecessor 0.21.0. See the Hadoop 0.22.0 Release Notes for details. Alternatively, you can look at the complete change log for this release
 Notes:
 The following features are not supported in Hadoop 0.22.0.
- Security. Latest optimizations of the MapReduce framework introduced in the Hadoop 0.20.security line of releases. Disk-fail-in-place. JMX-based metrics v2.  Hadoop 0.22.0 features
- HBase support with hflush and hsync.</description>
+Security. Latest optimizations of the MapReduce framework introduced in the Hadoop 0.20.security line of releases. Disk-fail-in-place. JMX-based metrics v2. Hadoop 0.22.0 features
+HBase support with hflush and hsync.</description>
     </item>
     
     <item>
@@ -957,7 +957,7 @@ The following features are not supported in Hadoop 0.22.0.
       <guid>https://hadoop.apache.org/release/0.23.0.html</guid>
       <description>This is the alpha version of the hadoop-0.23 major release. This is the first release we&amp;rsquo;ve made off Apache Hadoop trunk in a long while. This release is alpha-quality and not yet ready for serious use.
 hadoop-0.23 contains several major advances:
- HDFS Federation NextGen MapReduce (YARN)  It also has several major performance improvements to both HDFS and MapReduce.
+HDFS Federation NextGen MapReduce (YARN) It also has several major performance improvements to both HDFS and MapReduce.
 See the Hadoop 0.23.0 Release Notes for details.</description>
     </item>
     
@@ -970,7 +970,7 @@ See the Hadoop 0.23.0 Release Notes for details.</description>
       <description>This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs, all duly checksummed and securely signed.
 See the Hadoop 0.20.205.0 Release Notes for details. Alternatively, you can look at the complete change log for this release.
 Notes:
- This release includes a merge of append/hsynch/hflush capabilities from 0.20-append branch, to support HBase in secure mode. This release includes the new webhdfs file system, but webhdfs write calls currently fail in secure mode.</description>
+This release includes a merge of append/hsynch/hflush capabilities from 0.20-append branch, to support HBase in secure mode. This release includes the new webhdfs file system, but webhdfs write calls currently fail in secure mode.</description>
     </item>
     
     <item>
@@ -979,10 +979,10 @@ Notes:
       <pubDate>Mon, 05 Sep 2011 00:00:00 +0000</pubDate>
       
       <guid>https://hadoop.apache.org/release/0.20.204.0.html</guid>
-      <description>This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs for the first time.
+      <description> This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs for the first time.
 See the Hadoop 0.20.204.0 Release Notes for details. Alternatively, you can look at the complete change log for this release.
 Notes:
- The RPMs don&amp;rsquo;t work with security turned on. (HADOOP-7599) The NameNode&amp;rsquo;s edit log needs to be merged into the image via put the NameNode into safe mode run dfsadmin savenamespace command perform a normal upgrade  </description>
+The RPMs don&amp;rsquo;t work with security turned on. (HADOOP-7599) The NameNode&amp;rsquo;s edit log needs to be merged into the image via put the NameNode into safe mode run dfsadmin savenamespace command perform a normal upgrade </description>
     </item>
     
     <item>
@@ -1074,7 +1074,7 @@ See the Hadoop 0.20.1 Release Notes for details. Alternatively, you can look at
       
       <guid>https://hadoop.apache.org/news/2009-07-xx-subprojects.html</guid>
       <description>Hadoop is getting bigger!
- Hadoop Core is renamed Hadoop Common. MapReduce and the Hadoop Distributed File System (HDFS) are now separate subprojects. Avro and Chukwa are new Hadoop subprojects.  See the summary descriptions for all subprojects above. Visit the individual sites for more detailed information.</description>
+Hadoop Core is renamed Hadoop Common. MapReduce and the Hadoop Distributed File System (HDFS) are now separate subprojects. Avro and Chukwa are new Hadoop subprojects. See the summary descriptions for all subprojects above. Visit the individual sites for more detailed information.</description>
     </item>
     
     <item>
@@ -1327,7 +1327,7 @@ When upgrading an existing HDFS filesystem to a 0.15.x release from an earlier r
       
       <guid>https://hadoop.apache.org/release/0.14.1.html</guid>
       <description>New features in release 0.14 include:
- Better checksums in HDFS. Checksums are no longer stored in parallel HDFS files, but are stored directly by datanodes alongside blocks. This is more efficient for the namenode and also improves data integrity. Pipes: A C++ API for MapReduce Eclipse Plugin, including HDFS browsing, job monitoring, etc. File modification times in HDFS.  There are many other improvements, bug fixes, optimizations and new features.</description>
+Better checksums in HDFS. Checksums are no longer stored in parallel HDFS files, but are stored directly by datanodes alongside blocks. This is more efficient for the namenode and also improves data integrity. Pipes: A C++ API for MapReduce Eclipse Plugin, including HDFS browsing, job monitoring, etc. File modification times in HDFS. There are many other improvements, bug fixes, optimizations and new features. Performance and reliability are better than ever.</description>
     </item>
     
     <item>
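Review bot: Unlike the neighbouring whitespace-only hunks, the new description for release/0.14.1 also gains a sentence, "Performance and reliability are better than ever.", so the feed text itself changed here, not just its spacing. Suggest confirming this is an expected effect of the regeneration and not an unintended content change riding along with the CVE entry.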
@@ -1346,7 +1346,7 @@ Major versions are used to introduce substantial, potentially incompatible, chan
       <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
       
       <guid>https://hadoop.apache.org/releases.html</guid>
-      <description>To verify Hadoop releases using GPG:  Download the release hadoop-X.Y.Z-src.tar.gz from a mirror site. Download the signature file hadoop-X.Y.Z-src.tar.gz.asc from Apache. Download the Hadoop KEYS file. gpg &amp;ndash;import KEYS gpg &amp;ndash;verify hadoop-X.Y.Z-src.tar.gz.asc  To perform a quick check using SHA-512:  Download the release hadoop-X.Y.Z-src.tar.gz from a mirror site. Download the checksum hadoop-X.Y.Z-src.tar.gz.sha512 or hadoop-X.Y.Z-src.tar.gz.mds fr [...]
+      <description>To verify Hadoop releases using GPG: Download the release hadoop-X.Y.Z-src.tar.gz from a mirror site. Download the signature file hadoop-X.Y.Z-src.tar.gz.asc from Apache. Download the Hadoop KEYS file. gpg &amp;ndash;import KEYS gpg &amp;ndash;verify hadoop-X.Y.Z-src.tar.gz.asc To perform a quick check using SHA-512: Download the release hadoop-X.Y.Z-src.tar.gz from a mirror site. Download the checksum hadoop-X.Y.Z-src.tar.gz.sha512 or hadoop-X.Y.Z-src.tar.gz.mds from  [...]
     </item>
     
     <item>
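Review bot: In the releases.html description, both the old and the new line render the GPG options as "gpg &amp;ndash;import KEYS" and "gpg &amp;ndash;verify hadoop-X.Y.Z-src.tar.gz.asc", that is, with an en dash in place of the double hyphen, so the release verification commands shown in the feed cannot be copied and run. Since this line is being regenerated anyway, suggest marking the commands as code in the source so that "--import" and "--verify" survive rendering.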
@@ -1366,7 +1366,7 @@ Hadoop is a project of the Apache Software Foundation. The foundation holds the
       
       <guid>https://hadoop.apache.org/committer_criteria.html</guid>
       <description>Committers are responsible for reviewing and integrating code changes. The PMC votes to make a contributor a committer based on an assessment of their contributions to the project. Contributions can be made in many ways, and there is no one route to committership. That said, here are the general criteria that the PMC looks for from all potential committers:
-  A history of sustained contribution to the project. This is a way for a contributor to demonstrate their expertise in an area, and thus their ability to help review and commit contributions by others in that same area.</description>
+A history of sustained contribution to the project. This is a way for a contributor to demonstrate their expertise in an area, and thus their ability to help review and commit contributions by others in that same area.</description>
     </item>
     
     <item>
@@ -1388,7 +1388,7 @@ The Apache Hadoop software library is a framework that allows for the distribute
       <guid>https://hadoop.apache.org/cve_list.html</guid>
       <description>This page lists security fixes that the Hadoop PMC felt warranted a CVE. If you think something is missing from this list or if you think the set of impacted or fixed versions is incomplete then please ask on the Security list.
 CVEs are presented in most-recent-first order of announcement.
-CVE-2022-26612 Arbitrary file write during untar on Windows In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes.</description>
+CVE-2021-33036 Apache Hadoop Privilege escalation vulnerability In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.</description>
     </item>
     
     <item>
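Review bot: The new cve_list.html description is cut off inside the affected-version range ("3.2.0 to 3.2.2, and 3."), so feed readers see an incomplete version list for CVE-2021-33036 and no statement of impact. Suggest giving the page an explicit short summary, or opening the entry with a sentence that names the impact before the version ranges, so that the truncated feed text is still accurate on its own.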
@@ -1399,8 +1399,8 @@ CVE-2022-26612 Arbitrary file write during untar on Windows In Apache Hadoop, Th
       <guid>https://hadoop.apache.org/issue_tracking.html</guid>
       <description>Hadoop tracks both bugs and enhancement requests using JIRA.
 We welcome input, however, before filing a request, please make sure you do the following:
- Search the Apache JIRA database. Check the users mailing lists, both by searching the archives and by asking questions.  Jira subprojects:
- Hadoop Common issues are tracked in the HADOOP Jira instance. HDFS issues are tracked in the HDFS Jira instance. YARN issues are tracked in the YARN Jira instance.</description>
+Search the Apache JIRA database. Check the users mailing lists, both by searching the archives and by asking questions. Jira subprojects:
+Hadoop Common issues are tracked in the HADOOP Jira instance. HDFS issues are tracked in the HDFS Jira instance. YARN issues are tracked in the YARN Jira instance.</description>
     </item>
     
     <item>
@@ -1411,8 +1411,8 @@ We welcome input, however, before filing a request, please make sure you do the
       <guid>https://hadoop.apache.org/mailing_lists.html</guid>
       <description>User The user@ mailing list is the preferred mailing list for end-user questions and discussion.
 Please use the specific module&amp;rsquo;s -dev@ mailing list to address developers on a specific technical question. The Hadoop user mailing list is : user@hadoop.apache.org.
- Subscribe to List Unsubscribe from List Archives  中文用户可利用user-zh邮件列表以中文发问
- 订阅邮件列表 取消订阅 归档邮件  In order to post to the list, it is necessary to first subscribe to it.
+Subscribe to List Unsubscribe from List Archives 中文用户可利用user-zh邮件列表以中文发问
+订阅邮件列表 取消订阅 归档邮件 In order to post to the list, it is necessary to first subscribe to it.
 Security The security mailing list is a private list for discussion of potential security vulnerabilities issues.</description>
     </item>
     
@@ -1433,8 +1433,8 @@ Hdfs, Yarn, Mapreduce and other components all are parts of this one repository.
       <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
       
       <guid>https://hadoop.apache.org/modules.html</guid>
-      <description>The project includes these modules:
- Hadoop Common: The common utilities that support the other Hadoop modules. Hadoop Distributed File System (HDFS™): A distributed file system that provides high-throughput access to application data. Hadoop YARN: A framework for job scheduling and cluster resource management. Hadoop MapReduce: A YARN-based system for parallel processing of large data sets.  </description>
+      <description> The project includes these modules:
+Hadoop Common: The common utilities that support the other Hadoop modules. Hadoop Distributed File System (HDFS™): A distributed file system that provides high-throughput access to application data. Hadoop YARN: A framework for job scheduling and cluster resource management. Hadoop MapReduce: A YARN-based system for parallel processing of large data sets. </description>
     </item>
     
     <item>
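Review bot: The new `<description> The project includes these modules:` line gains a leading space inside the element, and the rest of this hunk only changes whitespace. Nothing here relates to CVE-2021-33036; it looks like generator output churn. Consider regenerating the site with the same tool version used for the previous commit so the diff is limited to the CVE entry, which makes a security announcement easier to audit.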
@@ -1444,7 +1444,7 @@ Hdfs, Yarn, Mapreduce and other components all are parts of this one repository.
       
       <guid>https://hadoop.apache.org/privacy_policy.html</guid>
       <description>Information about your use of this website is collected using server access logs and a tracking cookie. The collected information consists of the following:
- The IP address from which you access the website; The type of browser and operating system you use to access our site; The date and time you access our site; The pages you visit; and The addresses of pages from where you followed a link to our site.</description>
+The IP address from which you access the website; The type of browser and operating system you use to access our site; The date and time you access our site; The pages you visit; and The addresses of pages from where you followed a link to our site.</description>
     </item>
     
     <item>
@@ -1454,7 +1454,7 @@ Hdfs, Yarn, Mapreduce and other components all are parts of this one repository.
       
       <guid>https://hadoop.apache.org/related.html</guid>
       <description>Other Hadoop-related projects at Apache include:
- Ambari™: A web-based tool for provisioning, managing, and monitoring Apache Hadoop clusters which includes support for Hadoop HDFS, Hadoop MapReduce, Hive, HCatalog, HBase, ZooKeeper, Oozie, Pig and Sqoop. Ambari also provides a dashboard for viewing cluster health such as heatmaps and ability to view MapReduce, Pig and Hive applications visually alongwith features to diagnose their performance characteristics in a user-friendly manner. Avro™: A data serialization system.</description>
+Ambari™: A web-based tool for provisioning, managing, and monitoring Apache Hadoop clusters which includes support for Hadoop HDFS, Hadoop MapReduce, Hive, HCatalog, HBase, ZooKeeper, Oozie, Pig and Sqoop. Ambari also provides a dashboard for viewing cluster health such as heatmaps and ability to view MapReduce, Pig and Hive applications visually alongwith features to diagnose their performance characteristics in a user-friendly manner. Avro™: A data serialization system.</description>
     </item>
     
     <item>
diff --git a/content/news/index.xml b/content/news/index.xml
index dfa12e6b62..5fdeee2a0f 100644
--- a/content/news/index.xml
+++ b/content/news/index.xml
@@ -137,7 +137,7 @@ Apache HBase can now be found at http://hbase.apache.org/</description>
       
       <guid>https://hadoop.apache.org/news/2009-07-xx-subprojects.html</guid>
       <description>Hadoop is getting bigger!
- Hadoop Core is renamed Hadoop Common. MapReduce and the Hadoop Distributed File System (HDFS) are now separate subprojects. Avro and Chukwa are new Hadoop subprojects.  See the summary descriptions for all subprojects above. Visit the individual sites for more detailed information.</description>
+Hadoop Core is renamed Hadoop Common. MapReduce and the Hadoop Distributed File System (HDFS) are now separate subprojects. Avro and Chukwa are new Hadoop subprojects. See the summary descriptions for all subprojects above. Visit the individual sites for more detailed information.</description>
     </item>
     
     <item>
diff --git a/content/release/index.xml b/content/release/index.xml
index d586750f05..2bc367f7cd 100644
--- a/content/release/index.xml
+++ b/content/release/index.xml
@@ -470,7 +470,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       
       <guid>https://hadoop.apache.org/release/2.7.0.html</guid>
       <description>Apache Hadoop 2.7.0 contains a number of significant enhancements. A few of them are noted below.
- IMPORTANT notes This release drops support for JDK6 runtime and works with JDK 7+ only. This release is not yet ready for production use. Critical issues are being ironed out via testing and downstream adoption. Production users should wait for a 2.7.1/2.7.2 release. Hadoop Common HADOOP-9629 - Support Windows Azure Storage - Blob as a file system in Hadoop.</description>
+IMPORTANT notes This release drops support for JDK6 runtime and works with JDK 7+ only. This release is not yet ready for production use. Critical issues are being ironed out via testing and downstream adoption. Production users should wait for a 2.7.1/2.7.2 release. Hadoop Common HADOOP-9629 - Support Windows Azure Storage - Blob as a file system in Hadoop.</description>
     </item>
     
     <item>
@@ -489,7 +489,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       
       <guid>https://hadoop.apache.org/release/2.6.0.html</guid>
       <description>Apache Hadoop 2.6.0 contains a number of significant enhancements such as:
- Hadoop Common HADOOP-10433 - Key management server (beta) HADOOP-10607 - Credential provider (beta) Hadoop HDFS Heterogeneous Storage Tiers - Phase 2 HDFS-5682 - Application APIs for heterogeneous storage HDFS-7228 - SSD storage tier HDFS-5851 - Memory as a storage tier (beta) HDFS-6584 - Support for Archival Storage HDFS-6134 - Transparent data at rest encryption (beta) HDFS-2856 - Operating secure DataNode without requiring root access HDFS-6740 - Hot swap drive: support add/remove da [...]
+Hadoop Common HADOOP-10433 - Key management server (beta) HADOOP-10607 - Credential provider (beta) Hadoop HDFS Heterogeneous Storage Tiers - Phase 2 HDFS-5682 - Application APIs for heterogeneous storage HDFS-7228 - SSD storage tier HDFS-5851 - Memory as a storage tier (beta) HDFS-6584 - Support for Archival Storage HDFS-6134 - Transparent data at rest encryption (beta) HDFS-2856 - Operating secure DataNode without requiring root access HDFS-6740 - Hot swap drive: support add/remove dat [...]
     </item>
     
     <item>
@@ -509,7 +509,7 @@ Please see the Hadoop 2.7.1 Release Notes for the list of 131 bug fixes and patc
       <guid>https://hadoop.apache.org/release/2.5.0.html</guid>
       <description>Apache Hadoop 2.5.0 is a minor release in the 2.x release line.
 The release includes the following major features and improvements:
- Authentication improvements when using an HTTP proxy server. A new Hadoop Metrics sink that allows writing directly to Graphite. Specification for Hadoop Compatible Filesystem effort. Support for POSIX-style filesystem extended attributes. OfflineImageViewer to browse an fsimage via the WebHDFS API. Supportability improvements and bug fixes to the NFS gateway.</description>
+Authentication improvements when using an HTTP proxy server. A new Hadoop Metrics sink that allows writing directly to Graphite. Specification for Hadoop Compatible Filesystem effort. Support for POSIX-style filesystem extended attributes. OfflineImageViewer to browse an fsimage via the WebHDFS API. Supportability improvements and bug fixes to the NFS gateway.</description>
     </item>
     
     <item>
@@ -520,7 +520,7 @@ The release includes the following major features and improvements:
       <guid>https://hadoop.apache.org/release/2.4.1.html</guid>
       <description>Apache Hadoop 2.4.1 is a bug-fix release for the stable 2.4.x line.
 There is also a security bug fix in this minor release.
- CVE-2014-0229: Add privilege checks to HDFS admin sub-commands refreshNamenodes, deleteBlockPool and shutdownDatanode.  Users are encouraged to immediately move to 2.4.1.
+CVE-2014-0229: Add privilege checks to HDFS admin sub-commands refreshNamenodes, deleteBlockPool and shutdownDatanode. Users are encouraged to immediately move to 2.4.1.
 Please see the Hadoop 2.4.1 Release Notes for details.</description>
     </item>
     
@@ -541,7 +541,7 @@ Please see the Hadoop 0.23.11 Release Notes for details.</description>
       
       <guid>https://hadoop.apache.org/release/2.4.0.html</guid>
       <description>Apache Hadoop 2.4.0 contains a number of significant enhancements such as:
- Support for Access Control Lists in HDFS Native support for Rolling Upgrades in HDFS Usage of protocol-buffers for HDFS FSImage for smooth operational upgrades Complete HTTPS support in HDFS Support for Automatic Failover of the YARN ResourceManager Enhanced support for new applications on YARN with Application History Server and Application Timeline Server Support for strong SLAs in YARN CapacityScheduler via Preemption  Please see the Hadoop 2.</description>
+Support for Access Control Lists in HDFS Native support for Rolling Upgrades in HDFS Usage of protocol-buffers for HDFS FSImage for smooth operational upgrades Complete HTTPS support in HDFS Support for Automatic Failover of the YARN ResourceManager Enhanced support for new applications on YARN with Application History Server and Application Timeline Server Support for strong SLAs in YARN CapacityScheduler via Preemption Please see the Hadoop 2.</description>
     </item>
     
     <item>
@@ -551,7 +551,7 @@ Please see the Hadoop 0.23.11 Release Notes for details.</description>
       
       <guid>https://hadoop.apache.org/release/2.3.0.html</guid>
       <description>Apache Hadoop 2.3.0 contains a number of significant enhancements such as:
- Support for Heterogeneous Storage hierarchy in HDFS. In-memory cache for HDFS data with centralized administration and management. Simplified distribution of MapReduce binaries via HDFS in YARN Distributed Cache.  Please see the Hadoop 2.3.0 Release Notes for details.</description>
+Support for Heterogeneous Storage hierarchy in HDFS. In-memory cache for HDFS data with centralized administration and management. Simplified distribution of MapReduce binaries via HDFS in YARN Distributed Cache. Please see the Hadoop 2.3.0 Release Notes for details.</description>
     </item>
     
     <item>
@@ -573,7 +573,7 @@ Please see the Hadoop 0.23.10 Release Notes for details.</description>
       <description>Apache Hadoop 2.2.0 is the GA release of Apache Hadoop 2.x.
 Users are encouraged to immediately move to 2.2.0 since this release is significantly more stable and is guaranteed to remain compatible in terms of both APIs and protocols.
 To recap, this release has a number of significant highlights compared to Hadoop 1.x:
- YARN - A general purpose resource management system for Hadoop to allow MapReduce and other other data processing frameworks and services High Availability for HDFS HDFS Federation HDFS Snapshots NFSv3 access to data in HDFS Support for running Hadoop on Microsoft Windows Binary Compatibility for MapReduce applications built on hadoop-1.</description>
+YARN - A general purpose resource management system for Hadoop to allow MapReduce and other other data processing frameworks and services High Availability for HDFS HDFS Federation HDFS Snapshots NFSv3 access to data in HDFS Support for running Hadoop on Microsoft Windows Binary Compatibility for MapReduce applications built on hadoop-1.</description>
     </item>
     
     <item>
@@ -595,7 +595,7 @@ Please see the Hadoop 2.1.1-beta Release Notes for details.</description>
       <description>Apache Hadoop 2.1.0-beta is the beta release of Apache Hadoop 2.x.
 Users are encouraged to immediately move to 2.1.0-beta since this release is significantly more stable and has completley whetted set of APIs and wire-protocols for future compatibility.
 In addition, this release has a number of other significant highlights:
- HDFS Snapshots Support for running Hadoop on Microsoft Windows YARN API stabilization Binary Compatibility for MapReduce applications built on hadoop-1.x Substantial amount of integration testing with rest of projects in the ecosystem  Please see the Hadoop 2.</description>
+HDFS Snapshots Support for running Hadoop on Microsoft Windows YARN API stabilization Binary Compatibility for MapReduce applications built on hadoop-1.x Substantial amount of integration testing with rest of projects in the ecosystem Please see the Hadoop 2.</description>
     </item>
     
     <item>
@@ -656,7 +656,7 @@ Please see the Hadoop 0.23.8 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/1.2.0.html</guid>
       <description>This is a beta release for version 1.2.
 This release delivers over 200 enhancements and bug-fixes, compared to the previous 1.1.2 release. Major enhancements include:
- DistCp v2 backported Web services for JobTracker WebHDFS enhancements Extensions of task placement and replica placement policy interfaces Offline Image Viewer backported Namenode more robust in case of edit log corruption Add NodeGroups level to NetworkTopology Add &amp;ldquo;unset&amp;rdquo; to Configuration API  Please see the Hadoop 1.</description>
+DistCp v2 backported Web services for JobTracker WebHDFS enhancements Extensions of task placement and replica placement policy interfaces Offline Image Viewer backported Namenode more robust in case of edit log corruption Add NodeGroups level to NetworkTopology Add &amp;ldquo;unset&amp;rdquo; to Configuration API Please see the Hadoop 1.</description>
     </item>
     
     <item>
@@ -696,7 +696,7 @@ Please see the Hadoop 0.23.7 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/2.0.3-alpha.html</guid>
       <description>This is the latest (alpha) version in the hadoop-2.x series.
 This release delivers significant major features and stability over previous releases in hadoop-2.x series:
- QJM for HDFS HA for NameNode Multi-resource scheduling (CPU and memory) for YARN YARN ResourceManager Restart Significant stability at scale for YARN (over 30,000 nodes and 14 million applications so far, at time of release)  This release, like previous releases in hadoop-2.x series is still considered alpha primarily since some of APIs aren&amp;rsquo;t fully-baked and we expect some churn in future.</description>
+QJM for HDFS HA for NameNode Multi-resource scheduling (CPU and memory) for YARN YARN ResourceManager Restart Significant stability at scale for YARN (over 30,000 nodes and 14 million applications so far, at time of release) This release, like previous releases in hadoop-2.x series is still considered alpha primarily since some of APIs aren&amp;rsquo;t fully-baked and we expect some churn in future.</description>
     </item>
     
     <item>
@@ -746,7 +746,7 @@ Please see the Hadoop 0.23.4 Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/1.1.0.html</guid>
       <description>This is a beta release for version 1.1.
 This release has approximately 135 enhancements and bug fixes compared to Hadoop-1.0.4, including:
- Many performance improvements in HDFS, backported from trunk Improvements in Security to use SPNEGO instead of Kerberized SSL for HTTP transactions Lower default minimum heartbeat for task trackers from 3 sec to 300msec to increase job throughput on small clusters Port of Gridmix v3 Set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 Splittable bzip2 files Of course it also has the same security fix as release 1.</description>
+Many performance improvements in HDFS, backported from trunk Improvements in Security to use SPNEGO instead of Kerberized SSL for HTTP transactions Lower default minimum heartbeat for task trackers from 3 sec to 300msec to increase job throughput on small clusters Port of Gridmix v3 Set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 Splittable bzip2 files Of course it also has the same security fix as release 1.</description>
     </item>
     
     <item>
@@ -757,7 +757,7 @@ This release has approximately 135 enhancements and bug fixes compared to Hadoop
       <guid>https://hadoop.apache.org/release/1.0.4.html</guid>
       <description>This is a Security Patch release for version 1.0.
 There are four bug fixes and feature enhancements in this minor release:
- Security issue CVE-2012-4449: Hadoop tokens use a 20-bit secret HADOOP-7154 - set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 HDFS-3652 - FSEditLog failure removes the wrong edit stream when storage dirs have same name MAPREDUCE-4399 - Fix (up to 3x) performance regression in shuffle  Please see the Hadoop 1.</description>
+Security issue CVE-2012-4449: Hadoop tokens use a 20-bit secret HADOOP-7154 - set MALLOC_ARENA_MAX in hadoop-config.sh to resolve problems with glibc in RHEL-6 HDFS-3652 - FSEditLog failure removes the wrong edit stream when storage dirs have same name MAPREDUCE-4399 - Fix (up to 3x) performance regression in shuffle Please see the Hadoop 1.</description>
     </item>
     
     <item>
@@ -799,7 +799,7 @@ Please see the Hadoop 2.0.1-alpha Release Notes for details.</description>
       <guid>https://hadoop.apache.org/release/2.0.0-alpha.html</guid>
       <description>This is the first (alpha) version in the hadoop-2.x series.
 This delivers significant major features over the currently stable hadoop-1.x series including:
- HDFS HA for NameNode (manual failover) YARN aka NextGen MapReduce HDFS Federation Performance Wire-compatibility for both HDFS and YARN/MapReduce (using protobufs)  Please see the Hadoop 2.0.0-alpha Release Notes for details.</description>
+HDFS HA for NameNode (manual failover) YARN aka NextGen MapReduce HDFS Federation Performance Wire-compatibility for both HDFS and YARN/MapReduce (using protobufs) Please see the Hadoop 2.0.0-alpha Release Notes for details.</description>
     </item>
     
     <item>
@@ -810,7 +810,7 @@ This delivers significant major features over the currently stable hadoop-1.x se
       <guid>https://hadoop.apache.org/release/1.0.3.html</guid>
       <description>This is a bug fix release for version 1.0.
 Bug fixes and feature enhancements in this minor release include:
- 4 patches in support of non-Oracle JDKs several patches to clean up error handling and log messages various production issue fixes  Please see the Hadoop 1.0.3 Release Notes for details.</description>
+4 patches in support of non-Oracle JDKs several patches to clean up error handling and log messages various production issue fixes Please see the Hadoop 1.0.3 Release Notes for details.</description>
     </item>
     
     <item>
@@ -821,7 +821,7 @@ Bug fixes and feature enhancements in this minor release include:
       <guid>https://hadoop.apache.org/release/1.0.2.html</guid>
       <description>This is a bug fix release for version 1.0.
 Bug fixes and feature enhancements in this minor release include:
- Snappy compressor/decompressor is available Occassional deadlock in metrics serving thread fixed 64-bit secure datanodes failed to start, now fixed Changed package names for 64-bit rpm/debs to use &amp;ldquo;.x86_64.&amp;rdquo; instead of &amp;ldquo;.amd64.&amp;rdquo;  Please see the Hadoop 1.0.2 Release Notes for details.</description>
+Snappy compressor/decompressor is available Occassional deadlock in metrics serving thread fixed 64-bit secure datanodes failed to start, now fixed Changed package names for 64-bit rpm/debs to use &amp;ldquo;.x86_64.&amp;rdquo; instead of &amp;ldquo;.amd64.&amp;rdquo; Please see the Hadoop 1.0.2 Release Notes for details.</description>
     </item>
     
     <item>
@@ -832,7 +832,7 @@ Bug fixes and feature enhancements in this minor release include:
       <guid>https://hadoop.apache.org/release/1.0.1.html</guid>
       <description>This is a bug fix release for version 1.0. This release is now considered stable, replacing the long-standing 0.20.203.
 Bug fixes in this minor release include:
- Added hadoop-client and hadoop-minicluster artifacts for ease of client install and testing Support run-as-user in non-secure mode Better compatibility with Ganglia, HBase, and Sqoop  Please see the Hadoop 1.0.1 Release Notes for details.</description>
+Added hadoop-client and hadoop-minicluster artifacts for ease of client install and testing Support run-as-user in non-secure mode Better compatibility with Ganglia, HBase, and Sqoop Please see the Hadoop 1.0.1 Release Notes for details.</description>
     </item>
     
     <item>
@@ -843,7 +843,7 @@ Bug fixes in this minor release include:
       <guid>https://hadoop.apache.org/release/0.23.1.html</guid>
       <description>This is the second alpha version of the hadoop-0.23 major release after the first alpha 0.23.0. This release has significant improvements compared to 0.23.0 but should still be considered as alpha-quality and not for production use.
 hadoop-0.23.1 contains several major advances from 0.23.0:
- Lots of bug fixes and improvements in both HDFS and MapReduce Major performance work to make this release either match or exceed performance of Hadoop-1 in most aspects of both HDFS and MapReduce.</description>
+Lots of bug fixes and improvements in both HDFS and MapReduce Major performance work to make this release either match or exceed performance of Hadoop-1 in most aspects of both HDFS and MapReduce.</description>
     </item>
     
     <item>
@@ -853,7 +853,7 @@ hadoop-0.23.1 contains several major advances from 0.23.0:
       
       <guid>https://hadoop.apache.org/release/1.0.0.html</guid>
       <description>After six years of gestation, Hadoop reaches 1.0.0! This release is from the 0.20-security code line, and includes support for:
- security HBase (append/hsynch/hflush, and security) webhdfs (with full support for security) performance enhanced access to local files for HBase other performance enhancements, bug fixes, and features  Please see the complete Hadoop 1.0.0 Release Notes for details.</description>
+security HBase (append/hsynch/hflush, and security) webhdfs (with full support for security) performance enhanced access to local files for HBase other performance enhancements, bug fixes, and features Please see the complete Hadoop 1.0.0 Release Notes for details.</description>
     </item>
     
     <item>
@@ -865,8 +865,8 @@ hadoop-0.23.1 contains several major advances from 0.23.0:
       <description>This release contains many bug fixes and optimizations compared to its predecessor 0.21.0. See the Hadoop 0.22.0 Release Notes for details. Alternatively, you can look at the complete change log for this release
 Notes:
 The following features are not supported in Hadoop 0.22.0.
- Security. Latest optimizations of the MapReduce framework introduced in the Hadoop 0.20.security line of releases. Disk-fail-in-place. JMX-based metrics v2.  Hadoop 0.22.0 features
- HBase support with hflush and hsync.</description>
+Security. Latest optimizations of the MapReduce framework introduced in the Hadoop 0.20.security line of releases. Disk-fail-in-place. JMX-based metrics v2. Hadoop 0.22.0 features
+HBase support with hflush and hsync.</description>
     </item>
     
     <item>
@@ -877,7 +877,7 @@ The following features are not supported in Hadoop 0.22.0.
       <guid>https://hadoop.apache.org/release/0.23.0.html</guid>
       <description>This is the alpha version of the hadoop-0.23 major release. This is the first release we&amp;rsquo;ve made off Apache Hadoop trunk in a long while. This release is alpha-quality and not yet ready for serious use.
 hadoop-0.23 contains several major advances:
- HDFS Federation NextGen MapReduce (YARN)  It also has several major performance improvements to both HDFS and MapReduce.
+HDFS Federation NextGen MapReduce (YARN) It also has several major performance improvements to both HDFS and MapReduce.
 See the Hadoop 0.23.0 Release Notes for details.</description>
     </item>
     
@@ -890,7 +890,7 @@ See the Hadoop 0.23.0 Release Notes for details.</description>
       <description>This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs, all duly checksummed and securely signed.
 See the Hadoop 0.20.205.0 Release Notes for details. Alternatively, you can look at the complete change log for this release.
 Notes:
- This release includes a merge of append/hsynch/hflush capabilities from 0.20-append branch, to support HBase in secure mode. This release includes the new webhdfs file system, but webhdfs write calls currently fail in secure mode.</description>
+This release includes a merge of append/hsynch/hflush capabilities from 0.20-append branch, to support HBase in secure mode. This release includes the new webhdfs file system, but webhdfs write calls currently fail in secure mode.</description>
     </item>
     
     <item>
@@ -899,10 +899,10 @@ Notes:
       <pubDate>Mon, 05 Sep 2011 00:00:00 +0000</pubDate>
       
       <guid>https://hadoop.apache.org/release/0.20.204.0.html</guid>
-      <description>This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs for the first time.
+      <description> This release contains improvements, new features, bug fixes and optimizations. This release includes rpms and debs for the first time.
 See the Hadoop 0.20.204.0 Release Notes for details. Alternatively, you can look at the complete change log for this release.
 Notes:
- The RPMs don&amp;rsquo;t work with security turned on. (HADOOP-7599) The NameNode&amp;rsquo;s edit log needs to be merged into the image via put the NameNode into safe mode run dfsadmin savenamespace command perform a normal upgrade  </description>
+The RPMs don&amp;rsquo;t work with security turned on. (HADOOP-7599) The NameNode&amp;rsquo;s edit log needs to be merged into the image via put the NameNode into safe mode run dfsadmin savenamespace command perform a normal upgrade </description>
     </item>
     
     <item>
@@ -1168,7 +1168,7 @@ When upgrading an existing HDFS filesystem to a 0.15.x release from an earlier r
       
       <guid>https://hadoop.apache.org/release/0.14.1.html</guid>
       <description>New features in release 0.14 include:
- Better checksums in HDFS. Checksums are no longer stored in parallel HDFS files, but are stored directly by datanodes alongside blocks. This is more efficient for the namenode and also improves data integrity. Pipes: A C++ API for MapReduce Eclipse Plugin, including HDFS browsing, job monitoring, etc. File modification times in HDFS.  There are many other improvements, bug fixes, optimizations and new features.</description>
+Better checksums in HDFS. Checksums are no longer stored in parallel HDFS files, but are stored directly by datanodes alongside blocks. This is more efficient for the namenode and also improves data integrity. Pipes: A C++ API for MapReduce Eclipse Plugin, including HDFS browsing, job monitoring, etc. File modification times in HDFS. There are many other improvements, bug fixes, optimizations and new features. Performance and reliability are better than ever.</description>
     </item>
     
   </channel>
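Review bot: The `+` line ends with an added sentence, "Performance and reliability are better than ever.", that the `-` line did not have, so this is a text change to the 0.14.1 description and not a whitespace-only one like the neighbouring hunks. It is unrelated to the commit subject; either drop it from this commit or mention the regenerated summaries in the commit message.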
diff --git a/content/who.html b/content/who.html
index 6b1396e7fe..ab63549f1f 100644
--- a/content/who.html
+++ b/content/who.html
@@ -766,13 +766,6 @@ order):</p>
 <td>-8</td>
 </tr>
 <tr>
-<td>tomscut</td>
-<td><a href="http://github.com/tomscut">Tao Li</a></td>
-<td>BIGO</td>
-<td></td>
-<td>+8</td>
-</tr>
-<tr>
 <td>tomwhite</td>
 <td><a href="http://weblogs.java.net/blog/tomwhite/">Tom White</a></td>
 <td>Cloudera</td>
@@ -1977,6 +1970,13 @@ order):</p>
 <td>-8</td>
 </tr>
 <tr>
+<td>tomscut</td>
+<td><a href="http://github.com/tomscut">Tao Li</a></td>
+<td>BIGO</td>
+<td></td>
+<td>+8</td>
+</tr>
+<tr>
 <td>tomwhite</td>
 <td><a href="http://www.lexemetech.com">Tom White</a></td>
 <td>Cloudera</td>
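Review bot: This hunk re-adds the tomscut row that the previous hunk (at -766) removed, so the committer entry moves from one table in who.html to another. The commit message only mentions the CVE-2021-33036 description; a change to the committer list should go in its own commit, or at least be named in the message, since the who.html change has no matching change under src/ in this diff.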
diff --git a/src/cve_list.md b/src/cve_list.md
index bd7961fbfd..9e31d31ba0 100644
--- a/src/cve_list.md
+++ b/src/cve_list.md
@@ -37,6 +37,23 @@ One paragraph summary goes here. Don't need nuts-and-bolts detail, just enough f
 - **Issue Announced**:
 -->
 
+## [CVE-2021-33036](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33036) Apache Hadoop Privilege escalation vulnerability
+
+In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to
+3.2.2, and 3.3.0 to 3.3.1, A user who can escalate to yarn user can
+possibly run arbitrary commands as root user.
+
+If you are using the affected version of Apache Hadoop and some users
+can escalate to yarn user and cannot escalate to root user, remove the
+permission to escalate to yarn user from them.
+
+- **Versions affected**: 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, 3.3.0 to 3.3.1
+- **Fixed versions**: 3.2.3, 3.3.2
+- **Impact**: privilege escalation
+- **Reporter**: Hideyuki Furue
+- **Reported Date**: 2021/05/05
+- **Issue Announced**: 2022/06/15 ([general@hadoop](https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5))
+
 ## [CVE-2022-26612](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26612) Arbitrary file write during untar on Windows
 
 In Apache Hadoop, The `unTar` function uses `unTarUsingJava` function on Windows and the built-in tar utility on Unix and other OSes.  As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same `targetDirPath` check on Unix because of the `getCanonicalPath` call. However on Windo [...]
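Review bot: The **Fixed versions** line lists only 3.2.3 and 3.3.2, while **Versions affected** also covers 2.2.0 to 2.10.1 and 3.0.0-alpha1 to 3.1.4; the entry should say explicitly whether those release lines have a fixed version, or whether users on them must move to 3.2.3/3.3.2 or rely on the mitigation of removing the permission to escalate to the yarn user. Minor wording: "3.3.0 to 3.3.1, A user" has a stray capital, and the CVE link uses http where https would be preferable.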

