Hive 2.1.1-2201 (EEP 5.0.8) Release Notes

This section provides reference information, including new features, fixes, known issues, and limitations for Hive 2.1.1 in EEP 5.0.8.

Below are release notes for the Hive component included in the HPE Ezmeral Data Fabric. You may also be interested in the Apache Hive 2.1.1 Release Notes or the Apache Hive homepage.

These release notes contain only HPE-specific information and are not necessarily cumulative in nature. For information about how to use the release notes, see Ecosystem Component Release Notes.

Hive Version 2.1.1
Release Date March 2022
HPE Version Interoperability See Hive and HCatalog Support Matrix and Ecosystem Support Matrix and EEP Components and OS Support.
Source on GitHub https://github.com/mapr/hive
GitHub Release Tag 2.1.1-mapr-2201
Maven Artifacts See Maven Artifacts for MapR.
Package Names Navigate to https://package.ezmeral.hpe.com/releases/MEP/, and select your EEP and OS to view the list of package names.

Feature Support

  • Supports Hive-2.1.1 on Tez-0.8.4. For more information, see Tez 0.8.4 - 2201 (EEP 5.0.8) Release Notes.
  • Does not support Hive on Spark, so you cannot use Spark as an execution engine for Hive. However, you can run Hive and Spark on the same cluster. You can also use Spark SQL and Drill to query Hive tables.
  • Does not support HDFS encryption in Hive tables.
  • Does not support HBase with Hive-2.1.1 starting from mapr-core-6.0.0.
  • Does not support LLAP with Hive-2.1.1, as Apache Slider is not a MapR supported ecosystem component.
  • Starting from Hive 2.1, Hive needs to run the schematool command as an initialization step.

New Features

  • None.

Changes in Security with Default Configuration

  • None.
IMPORTANT

Because hive.users.in.admin.role and hive.security.authorization.manager were added to the default Hive configuration, some actions in Hive are restricted according to security best practices and CVE-2018-11777

The new class FallbackHiveAuthorizerFactory does the following to mitigate the above-mentioned CVE-2018-11777:

  • Disallows local file location in SQL statements for all except the administrator.
  • Allows set only selected white list parameters.
  • Disallows dfs commands for all except the administrator.
  • Disallows ADD JAR statements for all except the administrator.
  • Disallows COMPILE statements for all except the administrator.
  • Disallows TRANSFORM statements.
For more information, refer to the documentation that describes FallbackHiveAuthorizerFactory.

Known Issues

  • None.

Fixes

This release by HPE includes the following fixes on the base Apache release. For complete details, refer to the commit log for this project in GitHub.

Commit Date (YYYY-MM-DD) Comment
7f4602a742 2022-01-05 MAPR-HIVE-919: FAILURE! - in org.apache.hadoop.hive.ql.metadata.TestHive
f087c5d317 2022-01-05 EEP-HIVE-1097: Override disruptor dependency
b70b4ffaa3 2022-01-05 EEP-HIVE-1097: CVE-2021-44228 - Log4j vulnerability

This release by HPE also includes the following backported issues. For complete details, refer to the commit log for this project in GitHub.

Commit Date (YYYY-MM-DD) Comment
6367e54c8f 2022-01-19 HIVE-21455: Too verbose logging in AvroGenericRecordReader (Miklos Szurap, reviewed by David Mollitor and Peter Vary)