MapR Data Science Refinery Release Notes
This section contains release notes for the MapR Data Science Refinery.
Older Releases of the MapR Data Science Refinery
Version 1.0 and earlier instances of the 1.1 and 1.2 versions of the Data Science Refinery have a security vulnerability. The vulnerability allows users, other than the one you have configured, to access the Zeppelin UI. To determine if you are using an image that has this vulnerability, check the id of your Docker image by running the following command:
docker images
The following is sample output from the command. The third column corresponds to the image id:
REPOSITORY TAG IMAGE ID CREATED SIZE
maprtech/data-science-refinery v1.2_6.0.1_5.0.0_centos7 fb10d575b45f 5 days ago 3.94GB
If your image id matches any of the ids shown in the following table, then you must pull a newer version of the Docker image.
Data Science Refinery Version Number | Operating System | Vulnerable Image Id |
---|---|---|
1.2 | Ubuntu 16 | fab3fc7a719e |
CentOS 7 | 0e746a584940 | |
1.1 | Ubuntu 16 | 310a209f8089 |
CentOS 7 | 2caf2307bb0b | |
1.0 | All operating systems | All ids |
See Accessing the Zeppelin Docker Image for instructions on how to download the latest image.
For more information about this security vulnerability, see Zeppelin Authentication: Passwords in Shiro are overwritten.