November 9, 2023 [GDC 1.9.7]
Google Distributed Cloud air-gapped 1.9.7 is now released.
See the product overview to learn about the features of Google Distributed Cloud air-gapped.
Add-on Manager:
The Google Distributed Cloud version is updated to 1.14.9 to apply the latest security patches and important updates.
See Google Distributed Cloud 1.14.9 for details.
Operations Center IT (OCIT):
- The October Microsoft patches are included.
Updated Canonical Ubuntu OS image version to 20231023 to apply the latest security patches and important updates. To take advantage of the bug and security vulnerability fixes, you must upgrade all nodes with each release. The following security vulnerabilities are fixed:
- CVE-2020-22219
- CVE-2021-4001
- CVE-2021-33294
- CVE-2022-2598
- CVE-2022-3016
- CVE-2022-3037
- CVE-2022-3099
- CVE-2022-3234
- CVE-2022-3256
- CVE-2022-3352
- CVE-2022-3520
- CVE-2022-3591
- CVE-2022-3705
- CVE-2022-4292
- CVE-2022-4293
- CVE-2022-40982
- CVE-2023-1206
- CVE-2023-1916
- CVE-2023-2269
- CVE-2023-3212
- CVE-2023-3268
- CVE-2023-3609
- CVE-2023-3611
- CVE-2023-3776
- CVE-2023-3863
- CVE-2023-4128
- CVE-2023-4156
- CVE-2023-4194
- CVE-2023-4504
- CVE-2023-4622
- CVE-2023-4623
- CVE-2023-4692
- CVE-2023-4693
- CVE-2023-4863
- CVE-2023-4881
- CVE-2023-4921
- CVE-2023-5217
- CVE-2023-20569
- CVE-2023-20588
- CVE-2023-20593
- CVE-2023-31084
- CVE-2023-32360
- CVE-2023-34319
- CVE-2023-38546
- CVE-2023-40283
- CVE-2023-42752
- CVE-2023-42753
- CVE-2023-42755
- CVE-2023-42756
- CVE-2023-42785
- CVE-2023-42786
- CVE-2023-42787
- CVE-2023-44488
Updated the gcr.io/distroless/base
base image to digest sha256:a17ac8990b4395aab186b9538ca04715d2a7408dfd2b6473ff7b16d098d0cb09
to apply the latest security patches and important updates.
The following container image security vulnerabilities are fixed:
- CVE-2019-13115
- CVE-2020-16250
- CVE-2020-19189
- CVE-2020-21047
- CVE-2020-29509
- CVE-2020-29511
- CVE-2021-3468
- CVE-2021-25741
- CVE-2021-29923
- CVE-2021-32923
- CVE-2021-33195
- CVE-2021-33196
- CVE-2021-33197
- CVE-2021-33198
- CVE-2021-34558
- CVE-2021-36221
- CVE-2021-38297
- CVE-2021-38553
- CVE-2021-38554
- CVE-2021-38561
- CVE-2021-39293
- CVE-2021-41771
- CVE-2021-41772
- CVE-2021-43565
- CVE-2021-43998
- CVE-2021-44716
- CVE-2022-1705
- CVE-2022-1962
- CVE-2022-2127
- CVE-2022-2879
- CVE-2022-2880
- CVE-2022-3821
- CVE-2022-4415
- CVE-2022-21698
- CVE-2022-23772
- CVE-2022-23773
- CVE-2022-23806
- CVE-2022-24675
- CVE-2022-24921
- CVE-2022-27191
- CVE-2022-27664
- CVE-2022-28131
- CVE-2022-28327
- CVE-2022-28948
- CVE-2022-29458
- CVE-2022-29526
- CVE-2022-30580
- CVE-2022-30629
- CVE-2022-30630
- CVE-2022-30631
- CVE-2022-30632
- CVE-2022-30633
- CVE-2022-30635
- CVE-2022-32148
- CVE-2022-32149
- CVE-2022-32189
- CVE-2022-40186
- CVE-2022-40982
- CVE-2022-41316
- CVE-2022-41715
- CVE-2022-41717
- CVE-2022-41723
- CVE-2022-41724
- CVE-2022-41725
- CVE-2022-48565
- CVE-2022-48566
- CVE-2023-0464
- CVE-2023-0465
- CVE-2023-0466
- CVE-2023-0620
- CVE-2023-0665
- CVE-2023-1380
- CVE-2023-2002
- CVE-2023-2007
- CVE-2023-2121
- CVE-2023-2269
- CVE-2023-2431
- CVE-2023-2650
- CVE-2023-2727
- CVE-2023-2728
- CVE-2023-2828
- CVE-2023-3090
- CVE-2023-3111
- CVE-2023-3138
- CVE-2023-3268
- CVE-2023-3338
- CVE-2023-3446
- CVE-2023-3462
- CVE-2023-3817
- CVE-2023-4680
- CVE-2023-4911
- CVE-2023-5077
- CVE-2023-20593
- CVE-2023-21930
- CVE-2023-21939
- CVE-2023-21954
- CVE-2023-21967
- CVE-2023-22041
- CVE-2023-24532
- CVE-2023-24534
- CVE-2023-24536
- CVE-2023-24537
- CVE-2023-24538
- CVE-2023-24539
- CVE-2023-24540
- CVE-2023-24999
- CVE-2023-25000
- CVE-2023-29400
- CVE-2023-29402
- CVE-2023-29403
- CVE-2023-29404
- CVE-2023-29405
- CVE-2023-29406
- CVE-2023-29491
- CVE-2023-31084
- CVE-2023-32233
- CVE-2023-32324
- CVE-2023-32360
- CVE-2023-34241
- CVE-2023-34966
- CVE-2023-34967
- CVE-2023-34968
- CVE-2023-35788
- CVE-2023-36054
- CVE-2023-38408
- CVE-2023-39533
- CVE-2023-40217
- CVE-2023-40745
- CVE-2023-41175
A security issue for CVE-2023-2022-40982 is fixed. The BIOS version bump applies the latest security patches.
An issue with a Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 is fixed. This issue allowed a remote attacker to perform an out-of-bounds memory write by using a crafted HTML page. (Chromium security severity: Critical). This issue usually affects anything that uses frameworks, code libraries, and OSes that incorporate Electron, another code library that uses libwebp, or has libwebp built-in directly. For more details, see CVE-2023-4863dd.
Google Distributed Cloud air-gapped 1.9.7 fixes an issue when system cluster BGP Sessions cannot be established due to overlapping ClusterIPs.
Google Distributed Cloud air-gapped 1.9.7 has a known issue where role-based access control (RBAC) and schema settings in the VM manager is stopping users from starting VM backup and restore processes.
Google Distributed Cloud air-gapped 1.9.7 has a known
issue with the upgrade where NodeUpgrade
gets stuck in the in process
status.
Google Distributed Cloud air-gapped 1.9.7 has a known issue where the root admin node and operating system upgrade does not progress.
Google Distributed Cloud air-gapped 1.9.7 has a known issue where the artifact distribution fails after attaching signatures.
Google Distributed Cloud air-gapped 1.9.7 has a known issue where alerts in organization system clusters don't reach the ticketing system.