ZEPPELIN-5249 upgrade libthrift due to CVEs #4327

Closed
wants to merge 3 commits into from

@pjfanning pjfanning commented Mar 21, 2022

What is this PR for?

A few sentences describing the overall goals of the pull request's commits.
First time? Check out the contributing guide - https://zeppelin.apache.org/contribution/contributions.html

  • upgrade libthrift due to CVEs and bug fixes
  • I have ignored https://issues.apache.org/jira/browse/ZEPPELIN-4107 - but using libthrift 0.15.0 with classes generated with 0.13.0 compiler should still work and we get the benefit of the runtime fixes in libthrift 0.15.0

What type of PR is it?

Bug Fix

Todos

  • - Task

What is the Jira issue?

How should this be tested?

  • Strongly recommended: add automated unit tests for any new or changed behavior
  • Outline any manual steps to test the PR here.

Screenshots (if appropriate)

Questions:

  • Do the license files need an update?
  • Are there breaking changes for older versions?
  • Does this need documentation?

pjfanning changed the title from "ZEPPELIN-5249 upgrade thrift due to CVEs" to "ZEPPELIN-5249 upgrade libthrift due to CVEs" on Mar 21, 2022

Reamer commented Mar 21, 2022

We have some problems with a thrift update. Take a look at #4089.
Maybe it will work without a maven-shade-plugin update and my approaches in https://github.com/Reamer/zeppelin/tree/interpreter_shade

pjfanning commented Mar 21, 2022

@Reamer I see the failing tests. Cassandra jars may need to be upgraded. Also, Hive jars may need to be upgraded - it appears old versions of Hive rely on out-of-date libthrift but that Hive has been upgraded recently (https://issues.apache.org/jira/browse/HIVE-25098) - the Hive issue seems to be at least 1 issue affecting Spark tests

@pjfanning pjfanning closed this Mar 30, 2022