MapR Data Science Refinery Release Notes

This section contains release notes for the MapR Data Science Refinery.

Important: If you downloaded a copy of the MapR Data Science Refinery prior to May 30, 2018, you may need to update your docker image. Read the following section to learn more.

Older Releases of the MapR Data Science Refinery

Version 1.0 and earlier instances of the 1.1 and 1.2 versions of the Data Science Refinery have a security vulnerability. The vulnerability allows users, other than the one you have configured, to access the Zeppelin UI. To determine if you are using an image that has this vulnerability, check the id of your docker image by running the following command:

docker images

The following is sample output from the command. The third column corresponds to the image id:

REPOSITORY                       TAG                        IMAGE ID            CREATED             SIZE
maprtech/data-science-refinery   v1.2_6.0.1_5.0.0_centos7   fb10d575b45f        5 days ago          3.94GB

If your image id matches any of the ids shown in the following table, then you must pull a newer version of the docker image.

Data Science Refinery Version Number Operating System Vulnerable Image Id
1.2 Ubuntu 16 fab3fc7a719e
CentOS 7 0e746a584940
1.1 Ubuntu 16 310a209f8089
CentOS 7 2caf2307bb0b
1.0 All operating systems All ids

See Accessing the Zeppelin Docker Image for instructions on how to download the latest image.

For more information about this security vulnerability, see Zeppelin Authentication: Passwords in Shiro are overwritten.