April 27, 2022 fixed issues

This release of the Cloudera Data Warehouse (CDW) service on CDP Public Cloud fixes these issues.

CDPD-35041 Security Vulnerability with SSO for Hive Virtual Warehouses in CDW Public Cloud
This release fixes the SSO-related problem that occurred only in Hive Virtual Warehouses in Cloudera Data Warehouse version 2021.0.6-b96 released on March 8, 2022. This problem affected tenants who had the CDW_ALLOW_SSO_FOR_LLAP entitlement. In a misconfigured Hive Virtual Warehouse, unauthorized users who knew the JDBC connection string and had a valid userid, could execute arbitrary SQL queries on a Hive Virtual Warehouse. This security vulnerability no longer exists. Hive now properly handles the situation by using LDAP authentication as follows: If SSO authentication is enabled for a Hive Virtual Warehouse and a user bypasses authentication altogether by removing the auth=browser option from the JDBC connection string, Hive uses LDAP authentication.