Google Distributed Cloud air-gapped 1.13.7 release notes

January 16, 2025

---

---

The following security vulnerabilities are fixed:

• CVE-2021-47212
• CVE-2022-36402
• CVE-2023-3019
• CVE-2023-52531
• CVE-2023-52614
• CVE-2024-9287
• CVE-2024-10573
• CVE-2024-26607
• CVE-2024-26640
• CVE-2024-26641
• CVE-2024-26668
• CVE-2024-26669
• CVE-2024-26800
• CVE-2024-26885
• CVE-2024-26891
• CVE-2024-26960
• CVE-2024-27051
• CVE-2024-27397
• CVE-2024-35848
• CVE-2024-37891
• CVE-2024-38602
• CVE-2024-38611
• CVE-2024-38630
• CVE-2024-40929
• CVE-2024-41071
• CVE-2024-41073
• CVE-2024-42229
• CVE-2024-42244
• CVE-2024-45016
• CVE-2024-47814
• CVE-2024-52530
• CVE-2024-52531
• CVE-2024-52532
• CVE-2024-52533

---

To take advantage of the bug and security vulnerability fixes, you must upgrade all nodes with each release.

The following security vulnerabilities are fixed:

• CVE-2007-4559
• CVE-2020-10735
• CVE-2021-28861
• CVE-2022-44638
• CVE-2022-45061
• CVE-2023-24329
• CVE-2023-27043
• CVE-2023-29491
• CVE-2023-40217
• CVE-2024-3596
• CVE-2024-4032
• CVE-2024-6232
• CVE-2024-6923
• CVE-2024-24806

---

Logging:

• The HaaS Logger shows errors in the root admin cluster.
• The santricity logger fails.
• The LoggingTarget logs are sent to an incorrect project.

Marketplace:

• The Prisma Cloud image pull fails.

Networking:

• The Upper Networking control plane dashboard shows no data due to missing metrics.

Upgrade:

• The uporc-root-backend-controller deployment under the namespace uporc-system crash loops in the KIND cluster.

Vertex AI:

• The Vertex AI pre-trained services are unavailable.

---

Version updates:

• The Google Distributed Cloud for bare metal version is updated to 1.29.900-gke.180 to apply the latest security patches and important updates.
  
  See the Google Distributed Cloud for bare metal 1.29.900-gke.180 release notes for details.