July 30, 2025
This release (1.24.1-H1) of the Cloudera Data Engineering service on Cloudera on cloud introduces the following changes.
This release does not contain new features, but includes the following fixes:
DEX-17716: sparkuser home directory is not created after chainguard upgrade in livy-server image
The issue impacted customers using
spark.jars.packages=mysql:mysql-connector-java:8.0.28
. This issue has
been fixed.
DEX-17567: Azure MySQL Root Certificate update
The root certificates for Azure MySQL Flexible database were updated due to security non-compliance of the SHA-1 certificate. The SHA-1 hashing algorithm is considerably insecure, due to discovered vulnerabilities. Cloudera resolved the issue by rotating the certificate to one signed by a compliant root certificate authority.
DEX-17519: Sessions are not killed as per the TTL configured in Azure and AWS
Sessions were not killed according to the Time To Live (TTL) configured in Azure and in AWS.
The calculation of timeout was wrong in the isTimeout
method in the Livy
code. The isTimeout
method of the Livy code incorrectly converted a timeout
value that was already provided in nanoseconds, leading to miscalculation of the timeout.
For this reason, the sessions were not killed after the timeout was reached.
DEX-17507: Restore of Scheduled Jobs are failing due to time format
Restoring the Spark Jobs with the Schedule Configuration
failed if the start
date or end date used a time format other than RFC3339Nano. This issue affected only jobs
created through non-UI methods, such as the API or CLI. The fix standardizes schedule start
and end times to RFC3339Micro format, ensuring alignment with Airflow API timestamps at
microsecond precision.
DEX-17500: [CDP Cli] Spark OsName "chainguard" not triggering error in Cloudera Data Engineering version 1.23.1 VC
Cloudera Data Engineering allowed the creation of a Virtual Cluster with the
securityhardened
spark.osname
property in Cloudera Data Engineering versions lower
than 1.24, without any error message. The underlying use of UBI [redhat]
was technically correct; however, it caused confusion, as the Virtual Cluster property
indicated securityhardened
. With the fix, an error is now triggered if
securityhardened
is specified in Cloudera Data Engineering
versions lower than 1.24.
DEX-17458: [Spark3.3.0] : Cloudera Data Engineering session creation is failing with javax.security.sasl.SaslException: Client closed before SASL negotiation finished
Cloudera Data Engineering sessions in a Spark 3.3.0 Virtual Cluster failed to be created. The following error was listed in the driver logs:
Exception in thread "main" java.util.concurrent.ExecutionException:
javax.security.sasl.SaslException: Client closed before SASL negotiation finished
The root cause was determined to be a TTL issue rather than an SASL issue.