Ruslan Kulynych created DATALAB-2733:
----------------------------------------
Summary: [GCP] Error during Dataproc cluster creation "Selected
software image version is vulnerable to remote code execution"
Key: DATALAB-2733
URL: https://issues.apache.org/jira/browse/DATALAB-2733
Project: Apache DataLab
Issue Type: Bug
Security Level: Public (Regular Issues)
Affects Versions: v.2.5.2
Reporter: Ruslan Kulynych
Assignee: Leonid Frolov
Fix For: v.2.5.2
Attachments: gcp_dataproc_error_version.PNG
*Preconditions:*
# Jupyter notebook is in running status
*Steps to reproduce:*
# Create Dataproc cluster
*Actual result:*
# Dataproc cluster creation error
{code:java}
"Selected software image version 2.0.0-RC22-ubuntu18 is vulnerable to remote
code execution due to a log4j vulnerability (CVE-2021-44228) and cannot be used
to create new clusters. Please upgrade to image versions >=1.3.95, >=1.4.77,
>=1.5.53, or >=2.0.27. For more information, see
https://cloud.google.com/dataproc/docs/guides/recreate-cluster";. Details:
"Selected software image version 2.0.0-RC22-ubuntu18 is vulnerable to remote
code execution due to a log4j vulnerability (CVE-2021-44228) and cannot be used
to create new clusters. Please upgrade to image versions >=1.3.95, >=1.4.77,
>=1.5.53, or >=2.0.27."> {code}
*Expected result:*
# Dataproc cluster creation is successful
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
