♊️ GemiNews 🗞️

Demo 1: Embeddings + Recommendation Demo 2: Bella RAGa Demo 3: NewRetriever Demo 4: Assistant function calling

🗞️March 25, 2024

🗿Semantically Similar Articles (by :title_embedding)

March 25, 2024

2024-03-25 - (from GCP latest releases)

AlloyDB for PostgreSQL Issue AlloyDB clusters created using the Google Cloud CLI, the AlloyDB Admin API, or Terraform have PostgreSQL 14 compatibility by default, instead of PostgreSQL 15 compatibility. To mitigate this issue, take either one of the following steps: Specify PostgreSQL version 15 when creating a cluster, instead of relying on the default value. Use the Google Cloud console to create the cluster. Artifact Registry Feature The software bill of materials (SBOM) feature is now Generally Available (GA). To learn more, see SBOM overview. Changed Artifact Analysis support for Vulnerability Exploitability eXchange (VEX) statements now includes the capability to upload VEX statements for multiple versions of an image. You can specify whether to associate a VEX statement with one image digest, or all versions of an image. This feature is in Preview. To learn more, see Upload VEX statements. Backup and DR Feature Backup and DR Service added support to view daily scheduled compliance logs in Cloud Logging. Feature Backup and DR Service added support to view daily scheduled compliance reports in BigQuery. BigQuery Libraries A weekly digest of client library updates from across the Cloud SDK. JavaChanges for google-cloud-bigquery 2.38.2 (2024-03-21) Dependencies Update actions/checkout action (#3190) (940e4f6) Update arrow.version to v15.0.1 (#3189) (fb6284e) Update dependency com.google.api.grpc:proto-google-cloud-bigqueryconnection-v1 to v2.39.0 (#3186) (9e705a1) Update dependency com.google.apis:google-api-services-bigquery to v2-rev20240229-2.0.0 (#3188) (a018424) Update dependency com.google.cloud:google-cloud-datacatalog-bom to v1.43.0 (#3187) (497ff29) Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#3196) (61f23a3) Update github/codeql-action action to v2.24.6 (#3178) (8843cae) Update github/codeql-action action to v2.24.7 (#3194) (2e2d730) Update github/codeql-action action to v2.24.8 (#3198) (bd81a56) Chronicle Feature Chronicle Applied Threat Intelligence helps you identify and respond to threats. When enabled, it ingests IOCs curated by Mandiant Threat Intelligence with an IC-Score greater than 80 and generates an error when a match is found. The following are some of the features of Applied Threat Intelligence. Event-level enrichment: All telemetry in Chronicle is enriched with Google Threat Intelligence which is a combination of Mandiant and Virus Total, including all threat intelligence associations like campaigns and actors. Sophisticated indicator matching: Curated out-of-the-box detections that deliver sophisticated indicator matching using augmented prioritization logic, noise reduction based on customer environment context, and other correlation techniques to maximize signal to noise. Active breach alerting: Uses Mandiant's incident response intelligence to alert on potential active breaches delivering on our no patient 1 vision. Curated behavioral detections for emerging threats: To protect against newly emerging risks and tactics, techniques, and procedures (TTPs), Applied Threat Intelligence uses real-time insights. DIY detection engineering and response automation: Access to Fusion intelligence (formerly known as Mandiant Fusion) for the following. Customer authoring of rules Customer development of response playbooks Curated views for Investigation and triage Insights: Applied Threat Intelligence provides curated views that show valuable associations between an indicator and threat actor, threat campaign, or malware, statistics about a threat observed in customer environments. These views are invaluable for all security operations workflows. For more information about Applied Threat Intelligence, see Applied Threat Intelligence overview. Cloud Asset Inventory Feature The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs. Compute Engine compute.googleapis.com/NetworkEdgeSecurityService Database Migration datamigration.googleapis.com/ConversionWorkspace Redis redis.googleapis.com/Cluster Cloud Composer Issue In Cloud Composer versions from 2.1.0 to 2.6.4, task instances that succeeded in the past can be marked as FAILED in some cases. We recommend to upgrade to Cloud Composer version 2.6.5 or later where this issue is fixed. For more information, see the related known issue. Cloud Logging Libraries A weekly digest of client library updates from across the Cloud SDK. JavaChanges for google-cloud-logging 3.16.2 (2024-03-20) Dependencies Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1560) (d52e623) Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1563) (81aa3e6) Cloud SQL for MySQL Feature Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA. Cloud SQL for PostgreSQL Feature Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA. Cloud SQL for SQL Server Feature You can now use Private Service Connect to connect to a Cloud SQL for SQL Server instance. This solution allows you to connect to the instance from multiple VPC networks that belong to different groups, teams, projects, or organizations. Private Service Connect includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. All features are in GA. Container Optimized OS Changed cos-beta-113-18244-1-7 Kernel Docker Containerd GPU Drivers COS-6.1.77 v24.0.9 v1.7.10 v535.154.05(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) Announcement Updates to Major Packages: Feature Updated cos-gpu-installer to v2.2.0. Some key features of this update include: Switched precompiled driver and signature location to COS build artifacts for M109. This fixes a permissions issue in the GPU driver install directory with OSS drivers. Added major version specification for GPU driver installation. Changed Update default and latest NVIDIA GPU drivers to v535.154.05. Changed Updated sys-apps/systemd to v254.9. Changed Updated docker-credential-gcr to v2.1.22. Changed Updated app-containers/docker-cli to v24.0.5. Changed Updated app-emulation/kubernetes to v1.29.1. Changed Updated app-containers/containerd to v1.7.10. Changed Updated app-containers/runc to v1.1.12. Changed Upgraded app-emulation/cloud-init to v23.4.3. Fixed Upgraded app-admin/oslogin to v20231004.00. Changed Upgraded app-admin/google-osconfig-agent to v20240126.00. Changed Upgraded app-admin/google-guest-agent to v20240213.00. Changed Upgraded app-admin/google-guest-configs to v20240122.00. Changed Updated app-admin/sosreport to v4.6.1. Changed Updated latest GPU driver to v535.104.05. Changed Updated GPU drivers to v535.54.03 (R535 LTSB NVIDIA branch). Changed Upgraded app-containers/docker-credential-helpers to v0.8.1. Changed Runtime sysctl changes: Added: net.ipv4.tcp_backlog_ack_defer: 1 Changed: fs.epoll.max_user_watches: 1809920 -> 1809474 Changed: fs.fanotify.max_user_marks: 67577 -> 67560 Changed: fs.file-max: 812606 -> 812400 Changed: fs.inotify.max_user_watches: 63456 -> 63441 Changed: kernel.threads-max: 63520 -> 63504 Changed: net.core.optmem_max: 20480 -> 131072 Changed: net.ipv4.tcp_mem: 94092 125456 188184 -> 94068 125424 188136 Changed: net.ipv4.udp_mem: 188184 250912 376368 -> 188136 250848 376272 Changed: net.ipv6.route.max_size: 4096 -> 2147483647 Changed: user.max_cgroup_namespaces: 31760 -> 31752 Changed: user.max_fanotify_marks: 67577 -> 67560 Changed: user.max_inotify_watches: 63456 -> 63441 Changed: user.max_ipc_namespaces: 31760 -> 31752 Changed: user.max_mnt_namespaces: 31760 -> 31752 Changed: user.max_net_namespaces: 31760 -> 31752 Changed: user.max_pid_namespaces: 31760 -> 31752 Changed: user.max_time_namespaces: 31760 -> 31752 Changed: user.max_user_namespaces: 31760 -> 31752 Changed: user.max_uts_namespaces: 31760 -> 31752 Changed: vm.lowmem_reserve_ratio: 256 256 32 0 -> 256 256 32 0 0 Added: net.netfilter.nf_flowtable_tcp_timeout: 30 Added: net.netfilter.nf_flowtable_udp_timeout: 30 Changed: fs.file-max: 812608 -> 812606 Added: net.ipv4.tcp_shrink_window: 0 Added: net.ipv6.conf.all.accept_ra_min_lft: 0 Added: net.ipv6.conf.default.accept_ra_min_lft: 0 Added: net.ipv6.conf.docker0.accept_ra_min_lft: 0 Added: net.ipv6.conf.eth0.accept_ra_min_lft: 0 Added: net.ipv6.conf.lo.accept_ra_min_lft: 0 Added: kernel.io_uring_disabled: 0 Changed: fs.file-max: 812619 -> 812608 Changed: kernel.threads-max: 63519 -> 63520 Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd: 0 -> 3 Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_sent: 0 -> 3 Changed: user.max_cgroup_namespaces: 31759 -> 31760 Changed: user.max_ipc_namespaces: 31759 -> 31760 Changed: user.max_mnt_namespaces: 31759 -> 31760 Changed: user.max_net_namespaces: 31759 -> 31760 Changed: user.max_pid_namespaces: 31759 -> 31760 Changed: user.max_time_namespaces: 31759 -> 31760 Changed: user.max_user_namespaces: 31759 -> 31760 Changed: user.max_uts_namespaces: 31759 -> 31760 Changed: fs.epoll.max_user_watches: 1809474 -> 1809452 Changed: fs.file-max: 812400 -> 812392 Changed: kernel.threads-max: 63504 -> 63503 Changed: net.ipv4.tcp_mem: 94068 125424 188136 -> 94065 125423 188130 Changed: net.ipv4.udp_mem: 188136 250848 376272 -> 188133 250847 376266 Changed: user.max_cgroup_namespaces: 31752 -> 31751 Changed: user.max_ipc_namespaces: 31752 -> 31751 Changed: user.max_mnt_namespaces: 31752 -> 31751 Changed: user.max_net_namespaces: 31752 -> 31751 Changed: user.max_pid_namespaces: 31752 -> 31751 Changed: user.max_time_namespaces: 31752 -> 31751 Changed: user.max_user_namespaces: 31752 -> 31751 Changed: user.max_uts_namespaces: 31752 -> 31751 Changed: fs.file-max: 812620 -> 812619 Added: fs.overflowgid: 65534 Added: fs.overflowuid: 65534 Announcement New Features and Changes in the Linux Kernel: Feature Added additional option to existing kernel cmdline flag that moves protected stateful partition integrity tags to memory. Fixed Fixed a kernel crash that occurred when running Postgres databases. Feature Enabled TDX Guest support in the Linux Kernel. Changed Updated the Linux kernel to v6.1.77. Announcement New Features and Changes in the Image: Feature Changed default umask value for a user to 027. Feature Removed legacy logging agent (fluentd). Feature Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version. Feature Enhanced integrity-fs with disk resize and dm-clone. Feature Removed deprecated R525 NVIDIA GPU drivers. Feature Added support for dm-zero and dm-clone. Feature Sosreport now includes GPU Installer logs. Fixed Fixed a performance issue that was observed in Postgres databases. Fixed Fixed a container performance issue that occurred after running systemctl start cloud-audit-setup. Feature Updated NVIDIA GPU drivers. Feature Backported support for TCP RTO configuration in networkd. Feature Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports. Feature Add compiler mitigations to mitigate memory corruption vulnerabilities. Feature Sequence named before nss-lookup.target. Fixed Restore systemd-logind restart behavior when dbus restarts. Changed Fixed an issue where symlinks could not be moved. Fixed Fixed an issue where IPv6 networking would fail under high CPU load. Fixed Fixed an issue with NFS reconnects on GKE. Fixed The get_metadata_value script will now retry if it experiences a connection error. Fixed Enabled persistence mode with Nvidia GPU driver installation. Fixed Fixed an issue in ip6tables where the -C option did not work correctly. Changed Simplified GPU driver installation by remounting driver installation path as executable from cos-extensions. Feature Added support for user.* xattr on tmpfs. Feature Added automatic generation of known modules list to image build process. Feature Include nvidia plugin into sosreport. Feature Added support for iSCSI targets and RAM block devices. Fixed Fixed a time-to-login slowdown introduced by cloud-init changes. Announcement CVE/Security Fixes: Security Fixed CVE-2024-21626 in app-containers/runc. Security Upgraded app-editors/vim to v9.0.2167 and app-editors/vim-core to v9.0.2167. This resolves CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535. Security Updated dev-lang/go to v1.21.5. This fixes CVE-2023-45285 and CVE-2023-39326. Security Upgraded dev-go/crypto to v0.17.0. This fixes CVE-2023-48795. Security Upgraded sys-apps/dbus to v1.12.28. This fixes CVE-2023-34969. Security Fixed CVE-2023-49083 in package dev-python/cryptography. Security Fixed CVE-2023-6622, CVE-2023-5197, CVE-2023-42753, CVE-2023-4921, CVE-2023-4623, CVE-2023-4194, CVE-2024-23851, CVE-2024-26581 in the Linux kernel. Security Updated net-libs/nghttp2 to v1.57.0. This resolves CVE-2023-44487 and CVE-2023-35945. Security Updated dev-go/net to v0.17.0. This resolves CVE-2023-44487 and CVE-2023-39325. Security Fixed CVE-2023-4911 in sys-libs/glibc. Security Fixed CVE-2023-38039 in net-misc/curl. Security Fixed CVE-2023-5345 and CVE-2023-42756 in COS kernel. Security Fixed CVE-2023-32636, CVE-2023-29499, CVE-2023-32643, CVE-2023-32665, CVE-2023-32611 in glib and glib-utils. Security Upgraded sys-fs/mdadm to v4.2. This resolves CVE-2023-28938 and CVE-2023-28736. Security Fixed CVE-2023-4016 in sys-process/procps. Security Updated dev-go/yaml to v3.0.1. This resolves CVE-2022-28948. Security Fixed CVE-2022-40896 in pygments. Security Fixed CVE-2023-24329 and CVE-2023-40217 in dev-lang/python. Security Fixed ncurses upgrade to 6.4p20220423. This resolves CVE-2023-29491. Security Upgraded dev-db/sqlite to v3.45.1-r1. This also fixes CVE-2023-7104. Security Fixed CVE-2023-40546, CVE-2023-40548, CVE-2023-40549, CVE-2023-40551, CVE-2023-40547, and CVE-2023-40550 in sys-boot/shim. Security Upgrade docker to v24.0.9. This fixes CVE-2024-24557. Security Updated dev-libs/openssl to v3.0.13. This resolves CVE-2024-0727 and CVE-2023-6129. Security Fixed CVE-2024-0684 in sys-apps/coreutils. Security Upgraded net-misc/curl to version 8.6.0. This fixes CVE-2024-0853 and CVE-2023-38545. Security Updated dev-libs/libxml2 to 2.11.7. This fixes CVE-2024-25062. Security Updated default GPU driver to v470.199.02 and latest GPU driver to v525.125.06. This resolves CVE-2023-25515 and CVE-2023-25516. Announcement Updates for Minor Packages: Changed Upgraded dev-libs/nss to v3.97. Changed Upgraded net-libs/gnutls to v3.8.3. Changed Upgraded dev-python/jinja to v3.1.3. Fixed Upgraded app-admin/node-problem-detector to v0.8.15. Fixed Upgraded app-eselect/eselect-iptables to v20220320. Fixed Upgraded sys-libs/libcap-ng to v0.8.4-r1. Fixed Upgraded net-misc/rsync to v3.2.7-r4. Fixed Upgraded dev-python/netifaces to v0.11.0-r2. Fixed Upgraded net-libs/libtirpc to v1.3.4-r1. Fixed Upgraded app-admin/sudo to v1.9.15_p5. Fixed Upgraded app-misc/jq to v1.7.1. Fixed Upgraded sys-apps/pv to v1.8.5. Fixed Upgraded sys-process/lsof to v4.99.3. Fixed Upgraded dev-util/bsdiff to v4.3.1-r42. Fixed Updated net-misc/openssh to v9.6_p1-r1. Changed Upgraded sys-apps/less to v643-r1. Fixed Upgraded chromeos-base/mojo_service_manager to v0.0.1-r271. Fixed Upgraded net-misc/socat to v1.8.0.0. Fixed Upgraded dev-python/jsonpatch to v1.33. Fixed Upgraded dev-python/pyyaml to v6.0.1-r1. Fixed Upgraded dev-lang/python-exec to v2.4.10. Fixed Upgraded dev-python/six to v1.16.0-r1. Fixed Upgraded dev-python/configobj to v5.0.8. Fixed Upgraded dev-python/nose to v1.3.7_p20221026. Fixed Upgraded dev-python/mock to v5.1.0. Fixed Upgraded dev-python/pyserial to v3.5-r2. Fixed Upgraded sys-apps/hwdata to v0.376. Changed Upgraded sys-fs/xfsprogs to v6.5.0. Changed Upgraded dev-python/pygobject to v3.46.0. Fixed Upgraded sys-devel/libtool to v2.4.6-r7. Fixed Upgraded dev-libs/double-conversion to v3.2.1. Fixed Upgraded net-fs/cifs-utils to v7.0-r1, Upgraded sys-libs/talloc to v2.4.1. Fixed Upgraded app-arch/unzip to v6.0_p27-r1. Fixed Upgraded sys-apps/dmidecode to v3.5-r3. Fixed Upgraded dev-util/gn to v2121. Fixed Upgraded chromeos-base/chromeos-dbus-bindings to v0.0.1-r2787. Changed Updated dev-embedded/libftdi to v1.5-r5. Fixed Upgraded sys-apps/coreutils to v9.4. Fixed Upgraded sys-process/procps to v4.0.4. Changed Updated dev-go/go-tools to v0.11.1_p20230712. Fixed Upgraded app-arch/pigz to v2.8. Fixed Upgraded sys-block/thin-provisioning-tools to v0.9.0-r2. Fixed Upgraded app-arch/tar to v1.35. Changed Upgraded app-arch/xz-utils to v5.4.6-r1. Changed Upgraded app-misc/ca-certificates to v20230311.3.97. Changed Upgraded net-dns/c-ares to v1.26.0. Changed Upgraded net-dns/libidn2 to v2.3.7. Changed Upgraded sys-apps/attr to v2.5.2-r1. Changed Upgraded sys-apps/ethtool to v6.7. Changed Upgraded sys-apps/file to v5.45-r4. Changed Upgraded sys-libs/libcap to v2.69-r1. Changed Upgraded sys-libs/timezone-data to v2024a. Changed Upgraded sys-libs/zlib to v1.3.1-r1. Changed Upgraded dev-libs/libusb to v1.0.27. Changed Upgraded dev-libs/expat to v2.6.0. Changed Upgraded sys-apps/acl to v2.3.2. Changed Updated gzip to v1.13. Changed Upgraded sys-auth/pambase to v20240128. Changed Upgraded net-misc/chrony to v4.5. Changed Upgraded app-containers/cni-plugins to v1.4.0. Changed Upgraded sys-apps/makedumpfile to v1.7.4. Changed Upgraded chromeos-base/system_api to v0.0.1-r5643. Changed Upgraded chromeos-base/update_engine-client to v0.0.1-r2385. Changed Upgraded chromeos-base/hiberman-client to v0.0.1-r455. Changed Upgraded chromeos-base/power_manager-client to v0.0.1-r2859. Changed Upgraded chromeos-base/dlcservice-client to v0.0.1-r884. Changed Upgraded chromeos-base/vm_protos to v0.0.1-r552. Changed Upgraded chromeos-base/shill-client to v0.0.1-r4325. Changed Upgraded chromeos-base/minijail to v18-r135. Changed Upgraded chromeos-base/debugd-client to v0.0.1-r2641. Changed Upgraded chromeos-base/session_manager-client to v0.0.1-r2722. Changed Upgraded chromeos-base/chromeos-common-script to v0.0.1-r601. Changed Upgraded chromeos-base/google-breakpad to v2024.01.16.190249-r226. Changed Upgraded dev-util/puffin to v1.0.0-r450. Changed Upgraded sys-fs/squashfs-tools to v4.6.1. Changed Upgraded sys-apps/sandbox to v2.29-r1. Dialogflow Feature Dialogflow CX: The Override request-level speech model has been added to advanced speech settings. This can be used to override the speech model provided in a runtime API request. Feature Vertex AI Conversation data stores: Gemini-pro 1.0 is now officially in General Availability. The model includes optimized prompting, delivering enhanced results with minimal latency impact. Please note: prompt optimization is currently focused on English, with other languages to follow. Deprecated Vertex AI Conversation data stores: The text-bison-001 model and fine-tuned text-bison@001 options will be deprecated by Vertex AI on July 6th. Please transition as soon as possible to the default option or another model available in the settings. Feature Dialogflow CX: DTMF for telephony integrations is now available for preview. Firestore in Datastore mode Libraries A weekly digest of client library updates from across the Cloud SDK. PythonChanges for google-cloud-ndb 2.3.1 (2024-03-16) Bug Fixes grpc: Fix large payload handling when using the emulator. (#975) (d9162ae) Remove uses of six. #913 (#958) (e17129a) Show a non-None error for core_exception.Unknown errors. (#968) (66e61cc) Documentation Document how to run system tests against the emulator. (#963) (47db5b9) Note to use functools.wrap instead of utils.wrapping. (#966) (5e9f3d6) Tell users of utils.wrapping to use functools.wraps (#967) (042645b) JavaChanges for google-cloud-datastore 2.18.6 (2024-03-18) Bug Fixes deps: Update the Java code generator (gapic-generator-java) to 2.37.0 (#1355) (bcc5668) Dependencies Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1372) (09db2a7) Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1373) (c6e63e5) Update dependency com.google.errorprone:error_prone_core to v2.26.0 (#1361) (9442766) Update dependency com.google.errorprone:error_prone_core to v2.26.1 (#1363) (05fe5bc) Update dependency com.google.guava:guava-testlib to v33.1.0-jre (#1368) (0195345) Secret Manager Libraries A weekly digest of client library updates from across the Cloud SDK. GoChanges for secretmanager/apiv1 1.12.0 (2024-03-19) Features secretmanager: New client apiv1beta2 (#9610) (443914f) Sensitive Data Protection Fixed From February 12 through 27, 2024, a bug caused Sensitive Data Protection to inaccurately set the free-text scores of certain data profiles to 0, where they should have been higher. This bug is now resolved. All affected data profiles have been reprofiled. For more information about the discovery service, see Data profiles.

[Technology] 🌎 https://cloud.google.com/release-notes#March_25_2024

🗿article.to_s

------------------------------
Title: March 25, 2024
[content]
AlloyDB for PostgreSQL
Issue
AlloyDB clusters created using the Google Cloud CLI, the AlloyDB Admin API, or Terraform have PostgreSQL 14 compatibility by default, instead of PostgreSQL 15 compatibility.

To mitigate this issue, take either one of the following steps:


Specify PostgreSQL version 15 when creating a cluster, instead of relying on the default value.
Use the Google Cloud console to create the cluster.

Artifact Registry
Feature
The software bill of materials (SBOM) feature is now Generally Available (GA).
To learn more, see SBOM overview.
Changed
Artifact Analysis support for Vulnerability Exploitability eXchange (VEX) statements now includes the capability to upload VEX statements for multiple versions of an image. You can specify whether to associate a VEX statement with one image digest, or all versions of an image. This feature is in Preview. To learn more, see Upload VEX statements.
Backup and DR
Feature
Backup and DR Service added support to view daily scheduled compliance logs in Cloud Logging.
Feature
Backup and DR Service added support to view daily scheduled compliance reports in BigQuery.
BigQuery
Libraries
A weekly digest of client library updates from across the Cloud SDK.

JavaChanges for google-cloud-bigquery

2.38.2 (2024-03-21)

Dependencies


Update actions/checkout action (#3190) (940e4f6)
Update arrow.version to v15.0.1 (#3189) (fb6284e)
Update dependency com.google.api.grpc:proto-google-cloud-bigqueryconnection-v1 to v2.39.0 (#3186) (9e705a1)
Update dependency com.google.apis:google-api-services-bigquery to v2-rev20240229-2.0.0 (#3188) (a018424)
Update dependency com.google.cloud:google-cloud-datacatalog-bom to v1.43.0 (#3187) (497ff29)
Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#3196) (61f23a3)
Update github/codeql-action action to v2.24.6 (#3178) (8843cae)
Update github/codeql-action action to v2.24.7 (#3194) (2e2d730)
Update github/codeql-action action to v2.24.8 (#3198) (bd81a56)


Chronicle
Feature
Chronicle Applied Threat Intelligence helps you identify and respond to threats. When enabled, it ingests IOCs curated by Mandiant Threat Intelligence with an IC-Score greater than 80 and generates an error when a match is found. The following are some of the features of Applied Threat Intelligence.


Event-level enrichment: All telemetry in Chronicle is enriched with Google Threat Intelligence which is a combination of Mandiant and Virus Total, including all threat intelligence associations like campaigns and actors.
Sophisticated indicator matching: Curated out-of-the-box detections that deliver sophisticated indicator matching using augmented prioritization logic, noise reduction based on customer environment context, and other correlation techniques to maximize signal to noise.
Active breach alerting: Uses Mandiant's incident response intelligence to alert on potential active breaches delivering on our no patient 1 vision. 
Curated behavioral detections for emerging threats: To protect against newly emerging risks and tactics, techniques, and procedures (TTPs), Applied Threat Intelligence uses real-time insights.
DIY detection engineering and response automation: Access to Fusion intelligence (formerly known as Mandiant Fusion) for the following.


Customer authoring of rules
Customer development of response playbooks

Curated views for Investigation and triage Insights: Applied Threat Intelligence provides curated  views that show valuable associations between an indicator and threat actor, threat campaign, or malware, statistics about a threat observed in customer environments. These views are invaluable for all security operations workflows.


For more information about Applied Threat Intelligence, see Applied Threat Intelligence overview.
Cloud Asset Inventory
Feature
The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.


Compute Engine

compute.googleapis.com/NetworkEdgeSecurityService

Database Migration

datamigration.googleapis.com/ConversionWorkspace

Redis

redis.googleapis.com/Cluster


Cloud Composer
Issue
In Cloud Composer versions from 2.1.0 to 2.6.4, task instances that succeeded in the past can be marked as FAILED in some cases. We recommend to upgrade to Cloud Composer version 2.6.5 or later where this issue is fixed. For more information, see the related known issue.
Cloud Logging
Libraries
A weekly digest of client library updates from across the Cloud SDK.

JavaChanges for google-cloud-logging

3.16.2 (2024-03-20)

Dependencies


Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1560) (d52e623)
Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1563) (81aa3e6)


Cloud SQL for MySQL
Feature
Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.
Cloud SQL for PostgreSQL
Feature
Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.
Cloud SQL for SQL Server
Feature
You can now use Private Service Connect to connect to a Cloud SQL for SQL Server instance. This solution allows you to connect to the instance from multiple VPC networks that belong to different groups, teams, projects, or organizations.

Private Service Connect includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. 

All features are in GA.
Container Optimized OS
Changed
cos-beta-113-18244-1-7 


  
    Kernel
    Docker
    Containerd
    GPU Drivers
  
  
    COS-6.1.77
    v24.0.9
    v1.7.10
    v535.154.05(default, latest),v470.223.02(R470 for compatibility with K80 GPUs)
  

Announcement
Updates to Major Packages:
Feature
Updated cos-gpu-installer to v2.2.0. Some key features of this update include: 

Switched precompiled
driver and signature location to COS build artifacts for M109.
This fixes a permissions issue in the GPU driver install directory with OSS drivers.
Added major version specification for GPU driver installation.

Changed
Update default and latest NVIDIA GPU drivers to v535.154.05.
Changed
Updated sys-apps/systemd to v254.9.
Changed
Updated docker-credential-gcr to v2.1.22.
Changed
Updated app-containers/docker-cli to v24.0.5.
Changed
Updated app-emulation/kubernetes to v1.29.1.
Changed
Updated app-containers/containerd to v1.7.10.
Changed
Updated app-containers/runc to v1.1.12.
Changed
Upgraded app-emulation/cloud-init to v23.4.3.
Fixed
Upgraded app-admin/oslogin to v20231004.00.
Changed
Upgraded app-admin/google-osconfig-agent to v20240126.00.
Changed
Upgraded app-admin/google-guest-agent to v20240213.00.
Changed
Upgraded app-admin/google-guest-configs to v20240122.00.
Changed
Updated app-admin/sosreport to v4.6.1.
Changed
Updated latest GPU driver to v535.104.05.
Changed
Updated GPU drivers to v535.54.03 (R535 LTSB NVIDIA branch).
Changed
Upgraded app-containers/docker-credential-helpers to v0.8.1.
Changed
Runtime sysctl changes:

Added: net.ipv4.tcp_backlog_ack_defer: 1
Changed: fs.epoll.max_user_watches: 1809920 -> 1809474
Changed: fs.fanotify.max_user_marks: 67577 -> 67560
Changed: fs.file-max: 812606 -> 812400
Changed: fs.inotify.max_user_watches: 63456 -> 63441
Changed: kernel.threads-max: 63520 -> 63504
Changed: net.core.optmem_max: 20480 -> 131072
Changed: net.ipv4.tcp_mem: 94092    125456  188184 -> 94068 125424  188136
Changed: net.ipv4.udp_mem: 188184   250912  376368 -> 188136    250848  376272
Changed: net.ipv6.route.max_size: 4096 -> 2147483647
Changed: user.max_cgroup_namespaces: 31760 -> 31752
Changed: user.max_fanotify_marks: 67577 -> 67560
Changed: user.max_inotify_watches: 63456 -> 63441
Changed: user.max_ipc_namespaces: 31760 -> 31752
Changed: user.max_mnt_namespaces: 31760 -> 31752
Changed: user.max_net_namespaces: 31760 -> 31752
Changed: user.max_pid_namespaces: 31760 -> 31752
Changed: user.max_time_namespaces: 31760 -> 31752
Changed: user.max_user_namespaces: 31760 -> 31752
Changed: user.max_uts_namespaces: 31760 -> 31752
Changed: vm.lowmem_reserve_ratio: 256   256 32  0 -> 256    256 32  0   0

Added: net.netfilter.nf_flowtable_tcp_timeout: 30
Added: net.netfilter.nf_flowtable_udp_timeout: 30

Changed: fs.file-max: 812608 -> 812606

Added: net.ipv4.tcp_shrink_window: 0
Added: net.ipv6.conf.all.accept_ra_min_lft: 0
Added: net.ipv6.conf.default.accept_ra_min_lft: 0
Added: net.ipv6.conf.docker0.accept_ra_min_lft: 0
Added: net.ipv6.conf.eth0.accept_ra_min_lft: 0
Added: net.ipv6.conf.lo.accept_ra_min_lft: 0

Added: kernel.io_uring_disabled: 0
Changed: fs.file-max: 812619 -> 812608
Changed: kernel.threads-max: 63519 -> 63520
Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd: 0 -> 3
Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_sent: 0 -> 3
Changed: user.max_cgroup_namespaces: 31759 -> 31760
Changed: user.max_ipc_namespaces: 31759 -> 31760
Changed: user.max_mnt_namespaces: 31759 -> 31760
Changed: user.max_net_namespaces: 31759 -> 31760
Changed: user.max_pid_namespaces: 31759 -> 31760
Changed: user.max_time_namespaces: 31759 -> 31760
Changed: user.max_user_namespaces: 31759 -> 31760
Changed: user.max_uts_namespaces: 31759 -> 31760

Changed: fs.epoll.max_user_watches: 1809474 -> 1809452
Changed: fs.file-max: 812400 -> 812392
Changed: kernel.threads-max: 63504 -> 63503
Changed: net.ipv4.tcp_mem: 94068    125424  188136 -> 94065 125423  188130
Changed: net.ipv4.udp_mem: 188136   250848  376272 -> 188133    250847  376266
Changed: user.max_cgroup_namespaces: 31752 -> 31751
Changed: user.max_ipc_namespaces: 31752 -> 31751
Changed: user.max_mnt_namespaces: 31752 -> 31751
Changed: user.max_net_namespaces: 31752 -> 31751
Changed: user.max_pid_namespaces: 31752 -> 31751
Changed: user.max_time_namespaces: 31752 -> 31751
Changed: user.max_user_namespaces: 31752 -> 31751
Changed: user.max_uts_namespaces: 31752 -> 31751

Changed: fs.file-max: 812620 -> 812619

Added: fs.overflowgid: 65534
Added: fs.overflowuid: 65534


Announcement
New Features and Changes in the Linux Kernel:
Feature
Added additional option to existing kernel cmdline flag that moves protected stateful partition integrity tags to memory.
Fixed
Fixed a kernel crash that occurred when running Postgres databases.
Feature
Enabled TDX Guest support in the Linux Kernel.
Changed
Updated the Linux kernel to v6.1.77.
Announcement
New Features and Changes in the Image:
Feature
Changed default umask value for a user to 027.
Feature
Removed legacy logging agent (fluentd).
Feature
Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version.
Feature
Enhanced integrity-fs with disk resize and dm-clone.
Feature
Removed deprecated R525 NVIDIA GPU drivers.
Feature
Added support for dm-zero and dm-clone.
Feature
Sosreport now includes GPU Installer logs.
Fixed
Fixed a performance issue that was observed in Postgres databases.
Fixed
Fixed a container performance issue that occurred after running systemctl start cloud-audit-setup.
Feature
Updated NVIDIA GPU drivers.
Feature
Backported support for TCP RTO configuration in networkd.
Feature
Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.
Feature
Add compiler mitigations to mitigate memory corruption vulnerabilities.
Feature
Sequence named before nss-lookup.target.
Fixed
Restore systemd-logind restart behavior when dbus restarts.
Changed
Fixed an issue where symlinks could not be moved.
Fixed
Fixed an issue where IPv6 networking would fail under high CPU load.
Fixed
Fixed an issue with NFS reconnects on GKE.
Fixed
The get_metadata_value script will now retry if it experiences a connection error.
Fixed
Enabled persistence mode with Nvidia GPU driver installation.
Fixed
Fixed an issue in ip6tables where the -C option did not work correctly.
Changed
Simplified GPU driver installation by remounting driver installation path as executable from cos-extensions.
Feature
Added support for user.* xattr on tmpfs.
Feature
Added automatic generation of known modules list to image build process.
Feature
Include nvidia plugin into sosreport.
Feature
Added support for iSCSI targets and RAM block devices.
Fixed
Fixed a time-to-login slowdown introduced by cloud-init changes.
Announcement
CVE/Security Fixes:
Security
Fixed CVE-2024-21626 in app-containers/runc.
Security
Upgraded app-editors/vim to v9.0.2167 and app-editors/vim-core to v9.0.2167. This resolves CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535.
Security
Updated dev-lang/go to v1.21.5. This fixes CVE-2023-45285 and CVE-2023-39326.
Security
Upgraded dev-go/crypto to v0.17.0. This fixes CVE-2023-48795.
Security
Upgraded sys-apps/dbus to v1.12.28. This fixes CVE-2023-34969.
Security
Fixed CVE-2023-49083 in package dev-python/cryptography.
Security
Fixed CVE-2023-6622, CVE-2023-5197, CVE-2023-42753, CVE-2023-4921, CVE-2023-4623, CVE-2023-4194, CVE-2024-23851, CVE-2024-26581 in the Linux kernel.
Security
Updated net-libs/nghttp2 to v1.57.0. This resolves CVE-2023-44487 and CVE-2023-35945.
Security
Updated dev-go/net to v0.17.0. This resolves CVE-2023-44487 and CVE-2023-39325.
Security
Fixed CVE-2023-4911 in sys-libs/glibc.
Security
Fixed CVE-2023-38039 in net-misc/curl.
Security
Fixed CVE-2023-5345 and CVE-2023-42756 in COS kernel.
Security
Fixed CVE-2023-32636, CVE-2023-29499, CVE-2023-32643, CVE-2023-32665, CVE-2023-32611 in glib and glib-utils.
Security
Upgraded sys-fs/mdadm to v4.2. This resolves CVE-2023-28938 and CVE-2023-28736.
Security
Fixed CVE-2023-4016 in sys-process/procps.
Security
Updated dev-go/yaml to v3.0.1. This resolves CVE-2022-28948.
Security
Fixed CVE-2022-40896 in pygments.
Security
Fixed CVE-2023-24329 and CVE-2023-40217 in dev-lang/python.
Security
Fixed ncurses upgrade to 6.4p20220423. This resolves CVE-2023-29491.
Security
Upgraded dev-db/sqlite to v3.45.1-r1. This also fixes CVE-2023-7104.
Security
Fixed CVE-2023-40546, CVE-2023-40548, CVE-2023-40549, CVE-2023-40551, CVE-2023-40547, and CVE-2023-40550 in sys-boot/shim.
Security
Upgrade docker to v24.0.9. This fixes CVE-2024-24557.
Security
Updated dev-libs/openssl to v3.0.13. This resolves CVE-2024-0727 and CVE-2023-6129.
Security
Fixed CVE-2024-0684 in sys-apps/coreutils.
Security
Upgraded net-misc/curl to version 8.6.0. This fixes CVE-2024-0853 and CVE-2023-38545.
Security
Updated dev-libs/libxml2 to 2.11.7. This fixes CVE-2024-25062.
Security
Updated default GPU driver to v470.199.02 and latest GPU driver to v525.125.06. This resolves CVE-2023-25515 and CVE-2023-25516.
Announcement
Updates for Minor Packages:
Changed
Upgraded dev-libs/nss to v3.97.
Changed
Upgraded net-libs/gnutls to v3.8.3.
Changed
Upgraded dev-python/jinja to v3.1.3.
Fixed
Upgraded app-admin/node-problem-detector to v0.8.15.
Fixed
Upgraded app-eselect/eselect-iptables to v20220320.
Fixed
Upgraded sys-libs/libcap-ng to v0.8.4-r1.
Fixed
Upgraded net-misc/rsync to v3.2.7-r4.
Fixed
Upgraded dev-python/netifaces to v0.11.0-r2.
Fixed
Upgraded net-libs/libtirpc to v1.3.4-r1.
Fixed
Upgraded app-admin/sudo to v1.9.15_p5.
Fixed
Upgraded app-misc/jq to v1.7.1.
Fixed
Upgraded sys-apps/pv to v1.8.5.
Fixed
Upgraded sys-process/lsof to v4.99.3.
Fixed
Upgraded dev-util/bsdiff to v4.3.1-r42.
Fixed
Updated net-misc/openssh to v9.6_p1-r1.
Changed
Upgraded sys-apps/less to v643-r1.
Fixed
Upgraded chromeos-base/mojo_service_manager to v0.0.1-r271.
Fixed
Upgraded net-misc/socat to v1.8.0.0.
Fixed
Upgraded dev-python/jsonpatch to v1.33.
Fixed
Upgraded dev-python/pyyaml to v6.0.1-r1.
Fixed
Upgraded dev-lang/python-exec to v2.4.10.
Fixed
Upgraded dev-python/six to v1.16.0-r1.
Fixed
Upgraded dev-python/configobj to v5.0.8.
Fixed
Upgraded dev-python/nose to v1.3.7_p20221026.
Fixed
Upgraded dev-python/mock to v5.1.0.
Fixed
Upgraded dev-python/pyserial to v3.5-r2.
Fixed
Upgraded sys-apps/hwdata to v0.376.
Changed
Upgraded sys-fs/xfsprogs to v6.5.0.
Changed
Upgraded dev-python/pygobject to v3.46.0.
Fixed
Upgraded sys-devel/libtool to v2.4.6-r7.
Fixed
Upgraded dev-libs/double-conversion to v3.2.1.
Fixed
Upgraded net-fs/cifs-utils to v7.0-r1, Upgraded sys-libs/talloc to v2.4.1.
Fixed
Upgraded app-arch/unzip to v6.0_p27-r1.
Fixed
Upgraded sys-apps/dmidecode to v3.5-r3.
Fixed
Upgraded dev-util/gn to v2121.
Fixed
Upgraded chromeos-base/chromeos-dbus-bindings to v0.0.1-r2787.
Changed
Updated dev-embedded/libftdi to v1.5-r5.
Fixed
Upgraded sys-apps/coreutils to v9.4.
Fixed
Upgraded sys-process/procps to v4.0.4.
Changed
Updated dev-go/go-tools to v0.11.1_p20230712.
Fixed
Upgraded app-arch/pigz to v2.8.
Fixed
Upgraded sys-block/thin-provisioning-tools to v0.9.0-r2.
Fixed
Upgraded app-arch/tar to v1.35.
Changed
Upgraded app-arch/xz-utils to v5.4.6-r1.
Changed
Upgraded app-misc/ca-certificates to v20230311.3.97.
Changed
Upgraded net-dns/c-ares to v1.26.0.
Changed
Upgraded net-dns/libidn2 to v2.3.7.
Changed
Upgraded sys-apps/attr to v2.5.2-r1.
Changed
Upgraded sys-apps/ethtool to v6.7.
Changed
Upgraded sys-apps/file to v5.45-r4.
Changed
Upgraded sys-libs/libcap to v2.69-r1.
Changed
Upgraded sys-libs/timezone-data to v2024a.
Changed
Upgraded sys-libs/zlib to v1.3.1-r1.
Changed
Upgraded dev-libs/libusb to v1.0.27.
Changed
Upgraded dev-libs/expat to v2.6.0.
Changed
Upgraded sys-apps/acl to v2.3.2.
Changed
Updated gzip to v1.13.
Changed
Upgraded sys-auth/pambase to v20240128.
Changed
Upgraded net-misc/chrony to v4.5.
Changed
Upgraded app-containers/cni-plugins to v1.4.0.
Changed
Upgraded sys-apps/makedumpfile to v1.7.4.
Changed
Upgraded chromeos-base/system_api to v0.0.1-r5643.
Changed
Upgraded chromeos-base/update_engine-client to v0.0.1-r2385.
Changed
Upgraded chromeos-base/hiberman-client to v0.0.1-r455.
Changed
Upgraded chromeos-base/power_manager-client to v0.0.1-r2859.
Changed
Upgraded chromeos-base/dlcservice-client to v0.0.1-r884.
Changed
Upgraded chromeos-base/vm_protos to v0.0.1-r552.
Changed
Upgraded chromeos-base/shill-client to v0.0.1-r4325.
Changed
Upgraded chromeos-base/minijail to v18-r135.
Changed
Upgraded chromeos-base/debugd-client to v0.0.1-r2641.
Changed
Upgraded chromeos-base/session_manager-client to v0.0.1-r2722.
Changed
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r601.
Changed
Upgraded chromeos-base/google-breakpad to v2024.01.16.190249-r226.
Changed
Upgraded dev-util/puffin to v1.0.0-r450.
Changed
Upgraded sys-fs/squashfs-tools to v4.6.1.
Changed
Upgraded sys-apps/sandbox to v2.29-r1.
Dialogflow
Feature
Dialogflow CX: The Override request-level speech model has been added to advanced speech settings. This can be used to override the speech model provided in a runtime API request. 
Feature
Vertex AI Conversation data stores: Gemini-pro 1.0 is now officially in General Availability. The model includes optimized prompting, delivering enhanced results with minimal latency impact. Please note: prompt optimization is currently focused on English, with other languages to follow.
Deprecated
Vertex AI Conversation data stores: The text-bison-001 model and fine-tuned text-bison@001 options will be deprecated by Vertex AI on July 6th. Please transition as soon as possible to the default option or another model available in the settings.
Feature
Dialogflow CX: DTMF for telephony integrations is now available for preview.
Firestore in Datastore mode
Libraries
A weekly digest of client library updates from across the Cloud SDK.

PythonChanges for google-cloud-ndb

2.3.1 (2024-03-16)

Bug Fixes


grpc: Fix large payload handling when using the emulator. (#975) (d9162ae)
Remove uses of six. #913 (#958) (e17129a)
Show a non-None error for core_exception.Unknown errors. (#968) (66e61cc)


Documentation


Document how to run system tests against the emulator. (#963) (47db5b9)
Note to use functools.wrap instead of utils.wrapping. (#966) (5e9f3d6)
Tell users of utils.wrapping to use functools.wraps (#967) (042645b)

JavaChanges for google-cloud-datastore

2.18.6 (2024-03-18)

Bug Fixes


deps: Update the Java code generator (gapic-generator-java) to 2.37.0 (#1355) (bcc5668)


Dependencies


Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1372) (09db2a7)
Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1373) (c6e63e5)
Update dependency com.google.errorprone:error_prone_core to v2.26.0 (#1361) (9442766)
Update dependency com.google.errorprone:error_prone_core to v2.26.1 (#1363) (05fe5bc)
Update dependency com.google.guava:guava-testlib to v33.1.0-jre (#1368) (0195345)


Secret Manager
Libraries
A weekly digest of client library updates from across the Cloud SDK.

GoChanges for secretmanager/apiv1

1.12.0 (2024-03-19)

Features


secretmanager: New client apiv1beta2 (#9610) (443914f)


Sensitive Data Protection
Fixed
From February 12 through 27, 2024, a bug caused Sensitive Data Protection to inaccurately set the free-text scores of certain data profiles to 0, where they should have been higher. This bug is now resolved. All affected data profiles have been reprofiled.

For more information about the discovery service, see Data profiles.
[/content]

PublishedDate: 2024-03-25
Category: Technology
NewsPaper: GCP latest releases
{"id"=>856,
"title"=>"March 25, 2024",
"summary"=>nil,
"content"=>"AlloyDB for PostgreSQL\n

Issue

\n

AlloyDB clusters created using the Google Cloud CLI, the AlloyDB Admin API, or Terraform have PostgreSQL 14 compatibility by default, instead of PostgreSQL 15 compatibility.

\n\n

To mitigate this issue, take either one of the following steps:

\n\n
    \n
  • Specify PostgreSQL version 15 when creating a cluster, instead of relying on the default value.
  • \n
  • Use the Google Cloud console to create the cluster.
  • \n
\nArtifact Registry\n

Feature

\n

The software bill of materials (SBOM) feature is now Generally Available (GA).\nTo learn more, see SBOM overview.

\n

Changed

\n

Artifact Analysis support for Vulnerability Exploitability eXchange (VEX) statements now includes the capability to upload VEX statements for multiple versions of an image. You can specify whether to associate a VEX statement with one image digest, or all versions of an image. This feature is in Preview. To learn more, see Upload VEX statements.

\nBackup and DR\n

Feature

\n

Backup and DR Service added support to view daily scheduled compliance logs in Cloud Logging.

\n

Feature

\n

Backup and DR Service added support to view daily scheduled compliance reports in BigQuery.

\nBigQuery\n

Libraries

\n

A weekly digest of client library updates from across the Cloud SDK.

\n
\n

Java

Changes for google-cloud-bigquery

\n\n

2.38.2 (2024-03-21)

\n\n
Dependencies
\n\n
    \n
  • Update actions/checkout action (#3190) (940e4f6)
  • \n
  • Update arrow.version to v15.0.1 (#3189) (fb6284e)
  • \n
  • Update dependency com.google.api.grpc:proto-google-cloud-bigqueryconnection-v1 to v2.39.0 (#3186) (9e705a1)
  • \n
  • Update dependency com.google.apis:google-api-services-bigquery to v2-rev20240229-2.0.0 (#3188) (a018424)
  • \n
  • Update dependency com.google.cloud:google-cloud-datacatalog-bom to v1.43.0 (#3187) (497ff29)
  • \n
  • Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#3196) (61f23a3)
  • \n
  • Update github/codeql-action action to v2.24.6 (#3178) (8843cae)
  • \n
  • Update github/codeql-action action to v2.24.7 (#3194) (2e2d730)
  • \n
  • Update github/codeql-action action to v2.24.8 (#3198) (bd81a56)
  • \n
\n
\nChronicle\n

Feature

\n

Chronicle Applied Threat Intelligence helps you identify and respond to threats. When enabled, it ingests IOCs curated by Mandiant Threat Intelligence with an IC-Score greater than 80 and generates an error when a match is found. The following are some of the features of Applied Threat Intelligence.

\n\n
    \n
  • Event-level enrichment: All telemetry in Chronicle is enriched with Google Threat Intelligence which is a combination of Mandiant and Virus Total, including all threat intelligence associations like campaigns and actors.

  • \n
  • Sophisticated indicator matching: Curated out-of-the-box detections that deliver sophisticated indicator matching using augmented prioritization logic, noise reduction based on customer environment context, and other correlation techniques to maximize signal to noise.

  • \n
  • Active breach alerting: Uses Mandiant's incident response intelligence to alert on potential active breaches delivering on our no patient 1 vision.

  • \n
  • Curated behavioral detections for emerging threats: To protect against newly emerging risks and tactics, techniques, and procedures (TTPs), Applied Threat Intelligence uses real-time insights.

  • \n
  • DIY detection engineering and response automation: Access to Fusion intelligence (formerly known as Mandiant Fusion) for the following.

    \n\n
      \n
    • Customer authoring of rules
    • \n
    • Customer development of response playbooks
    • \n
  • \n
  • Curated views for Investigation and triage Insights: Applied Threat Intelligence provides curated views that show valuable associations between an indicator and threat actor, threat campaign, or malware, statistics about a threat observed in customer environments. These views are invaluable for all security operations workflows.

  • \n
\n\n

For more information about Applied Threat Intelligence, see Applied Threat Intelligence overview.

\nCloud Asset Inventory\n

Feature

\n

The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

\n\n
    \n
  • Compute Engine\n
      \n
    • compute.googleapis.com/NetworkEdgeSecurityService
    • \n
  • \n
  • Database Migration\n
      \n
    • datamigration.googleapis.com/ConversionWorkspace
    • \n
  • \n
  • Redis\n
      \n
    • redis.googleapis.com/Cluster
    • \n
  • \n
\nCloud Composer\n

Issue

\n

In Cloud Composer versions from 2.1.0 to 2.6.4, task instances that succeeded in the past can be marked as FAILED in some cases. We recommend to upgrade to Cloud Composer version 2.6.5 or later where this issue is fixed. For more information, see the related known issue.

\nCloud Logging\n

Libraries

\n

A weekly digest of client library updates from across the Cloud SDK.

\n
\n

Java

Changes for google-cloud-logging

\n\n

3.16.2 (2024-03-20)

\n\n
Dependencies
\n\n
    \n
  • Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1560) (d52e623)
  • \n
  • Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1563) (81aa3e6)
  • \n
\n
\nCloud SQL for MySQL\n

Feature

\n

Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.

\nCloud SQL for PostgreSQL\n

Feature

\n

Private Service Connect now includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances. Both features are in GA.

\nCloud SQL for SQL Server\n

Feature

\n

You can now use Private Service Connect to connect to a Cloud SQL for SQL Server instance. This solution allows you to connect to the instance from multiple VPC networks that belong to different groups, teams, projects, or organizations.

\n\n

Private Service Connect includes support for cross-region read replicas. You can also choose an availability type (REGIONAL or ZONAL) for Private Service Connect-enabled instances.

\n\n

All features are in GA.

\nContainer Optimized OS\n

Changed

\n

cos-beta-113-18244-1-7

\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n
KernelDockerContainerdGPU Drivers
COS-6.1.77v24.0.9v1.7.10v535.154.05(default, latest),v470.223.02(R470 for compatibility with K80 GPUs)
\n

Announcement

\n

Updates to Major Packages:

\n

Feature

\n

Updated cos-gpu-installer to v2.2.0. Some key features of this update include: \n

    \n
  • Switched precompiled\ndriver and signature location to COS build artifacts for M109.
  • \n
  • This fixes a permissions issue in the GPU driver install directory with OSS drivers.
  • \n
  • Added major version specification for GPU driver installation.
  • \n

\n

Changed

\n

Update default and latest NVIDIA GPU drivers to v535.154.05.

\n

Changed

\n

Updated sys-apps/systemd to v254.9.

\n

Changed

\n

Updated docker-credential-gcr to v2.1.22.

\n

Changed

\n

Updated app-containers/docker-cli to v24.0.5.

\n

Changed

\n

Updated app-emulation/kubernetes to v1.29.1.

\n

Changed

\n

Updated app-containers/containerd to v1.7.10.

\n

Changed

\n

Updated app-containers/runc to v1.1.12.

\n

Changed

\n

Upgraded app-emulation/cloud-init to v23.4.3.

\n

Fixed

\n

Upgraded app-admin/oslogin to v20231004.00.

\n

Changed

\n

Upgraded app-admin/google-osconfig-agent to v20240126.00.

\n

Changed

\n

Upgraded app-admin/google-guest-agent to v20240213.00.

\n

Changed

\n

Upgraded app-admin/google-guest-configs to v20240122.00.

\n

Changed

\n

Updated app-admin/sosreport to v4.6.1.

\n

Changed

\n

Updated latest GPU driver to v535.104.05.

\n

Changed

\n

Updated GPU drivers to v535.54.03 (R535 LTSB NVIDIA branch).

\n

Changed

\n

Upgraded app-containers/docker-credential-helpers to v0.8.1.

\n

Changed

\n

Runtime sysctl changes:\n

    \n
  • Added: net.ipv4.tcp_backlog_ack_defer: 1
  • \n
  • Changed: fs.epoll.max_user_watches: 1809920 -> 1809474
  • \n
  • Changed: fs.fanotify.max_user_marks: 67577 -> 67560
  • \n
  • Changed: fs.file-max: 812606 -> 812400
  • \n
  • Changed: fs.inotify.max_user_watches: 63456 -> 63441
  • \n
  • Changed: kernel.threads-max: 63520 -> 63504
  • \n
  • Changed: net.core.optmem_max: 20480 -> 131072
  • \n
  • Changed: net.ipv4.tcp_mem: 94092 125456 188184 -> 94068 125424 188136
  • \n
  • Changed: net.ipv4.udp_mem: 188184 250912 376368 -> 188136 250848 376272
  • \n
  • Changed: net.ipv6.route.max_size: 4096 -> 2147483647
  • \n
  • Changed: user.max_cgroup_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_fanotify_marks: 67577 -> 67560
  • \n
  • Changed: user.max_inotify_watches: 63456 -> 63441
  • \n
  • Changed: user.max_ipc_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_mnt_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_net_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_pid_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_time_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_user_namespaces: 31760 -> 31752
  • \n
  • Changed: user.max_uts_namespaces: 31760 -> 31752
  • \n
  • Changed: vm.lowmem_reserve_ratio: 256 256 32 0 -> 256 256 32 0 0
  • \n\n

  • Added: net.netfilter.nf_flowtable_tcp_timeout: 30
  • \n
  • Added: net.netfilter.nf_flowtable_udp_timeout: 30
  • \n\n

  • Changed: fs.file-max: 812608 -> 812606
  • \n\n

  • Added: net.ipv4.tcp_shrink_window: 0
  • \n
  • Added: net.ipv6.conf.all.accept_ra_min_lft: 0
  • \n
  • Added: net.ipv6.conf.default.accept_ra_min_lft: 0
  • \n
  • Added: net.ipv6.conf.docker0.accept_ra_min_lft: 0
  • \n
  • Added: net.ipv6.conf.eth0.accept_ra_min_lft: 0
  • \n
  • Added: net.ipv6.conf.lo.accept_ra_min_lft: 0
  • \n\n

  • Added: kernel.io_uring_disabled: 0
  • \n
  • Changed: fs.file-max: 812619 -> 812608
  • \n
  • Changed: kernel.threads-max: 63519 -> 63520
  • \n
  • Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd: 0 -> 3
  • \n
  • Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_sent: 0 -> 3
  • \n
  • Changed: user.max_cgroup_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_ipc_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_mnt_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_net_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_pid_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_time_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_user_namespaces: 31759 -> 31760
  • \n
  • Changed: user.max_uts_namespaces: 31759 -> 31760
  • \n\n

  • Changed: fs.epoll.max_user_watches: 1809474 -> 1809452
  • \n
  • Changed: fs.file-max: 812400 -> 812392
  • \n
  • Changed: kernel.threads-max: 63504 -> 63503
  • \n
  • Changed: net.ipv4.tcp_mem: 94068 125424 188136 -> 94065 125423 188130
  • \n
  • Changed: net.ipv4.udp_mem: 188136 250848 376272 -> 188133 250847 376266
  • \n
  • Changed: user.max_cgroup_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_ipc_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_mnt_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_net_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_pid_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_time_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_user_namespaces: 31752 -> 31751
  • \n
  • Changed: user.max_uts_namespaces: 31752 -> 31751
  • \n\n

  • Changed: fs.file-max: 812620 -> 812619
  • \n\n

  • Added: fs.overflowgid: 65534
  • \n
  • Added: fs.overflowuid: 65534
  • \n\n

\n

Announcement

\n

New Features and Changes in the Linux Kernel:

\n

Feature

\n

Added additional option to existing kernel cmdline flag that moves protected stateful partition integrity tags to memory.

\n

Fixed

\n

Fixed a kernel crash that occurred when running Postgres databases.

\n

Feature

\n

Enabled TDX Guest support in the Linux Kernel.

\n

Changed

\n

Updated the Linux kernel to v6.1.77.

\n

Announcement

\n

New Features and Changes in the Image:

\n

Feature

\n

Changed default umask value for a user to 027.

\n

Feature

\n

Removed legacy logging agent (fluentd).

\n

Feature

\n

Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version.

\n

Feature

\n

Enhanced integrity-fs with disk resize and dm-clone.

\n

Feature

\n

Removed deprecated R525 NVIDIA GPU drivers.

\n

Feature

\n

Added support for dm-zero and dm-clone.

\n

Feature

\n

Sosreport now includes GPU Installer logs.

\n

Fixed

\n

Fixed a performance issue that was observed in Postgres databases.

\n

Fixed

\n

Fixed a container performance issue that occurred after running systemctl start cloud-audit-setup.

\n

Feature

\n

Updated NVIDIA GPU drivers.

\n

Feature

\n

Backported support for TCP RTO configuration in networkd.

\n

Feature

\n

Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.

\n

Feature

\n

Add compiler mitigations to mitigate memory corruption vulnerabilities.

\n

Feature

\n

Sequence named before nss-lookup.target.

\n

Fixed

\n

Restore systemd-logind restart behavior when dbus restarts.

\n

Changed

\n

Fixed an issue where symlinks could not be moved.

\n

Fixed

\n

Fixed an issue where IPv6 networking would fail under high CPU load.

\n

Fixed

\n

Fixed an issue with NFS reconnects on GKE.

\n

Fixed

\n

The get_metadata_value script will now retry if it experiences a connection error.

\n

Fixed

\n

Enabled persistence mode with Nvidia GPU driver installation.

\n

Fixed

\n

Fixed an issue in ip6tables where the -C option did not work correctly.

\n

Changed

\n

Simplified GPU driver installation by remounting driver installation path as executable from cos-extensions.

\n

Feature

\n

Added support for user.* xattr on tmpfs.

\n

Feature

\n

Added automatic generation of known modules list to image build process.

\n

Feature

\n

Include nvidia plugin into sosreport.

\n

Feature

\n

Added support for iSCSI targets and RAM block devices.

\n

Fixed

\n

Fixed a time-to-login slowdown introduced by cloud-init changes.

\n

Announcement

\n

CVE/Security Fixes:

\n

Security

\n

Fixed CVE-2024-21626 in app-containers/runc.

\n

Security

\n

Upgraded app-editors/vim to v9.0.2167 and app-editors/vim-core to v9.0.2167. This resolves CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535.

\n

Security

\n

Updated dev-lang/go to v1.21.5. This fixes CVE-2023-45285 and CVE-2023-39326.

\n

Security

\n

Upgraded dev-go/crypto to v0.17.0. This fixes CVE-2023-48795.

\n

Security

\n

Upgraded sys-apps/dbus to v1.12.28. This fixes CVE-2023-34969.

\n

Security

\n

Fixed CVE-2023-49083 in package dev-python/cryptography.

\n

Security

\n

Fixed CVE-2023-6622, CVE-2023-5197, CVE-2023-42753, CVE-2023-4921, CVE-2023-4623, CVE-2023-4194, CVE-2024-23851, CVE-2024-26581 in the Linux kernel.

\n

Security

\n

Updated net-libs/nghttp2 to v1.57.0. This resolves CVE-2023-44487 and CVE-2023-35945.

\n

Security

\n

Updated dev-go/net to v0.17.0. This resolves CVE-2023-44487 and CVE-2023-39325.

\n

Security

\n

Fixed CVE-2023-4911 in sys-libs/glibc.

\n

Security

\n

Fixed CVE-2023-38039 in net-misc/curl.

\n

Security

\n

Fixed CVE-2023-5345 and CVE-2023-42756 in COS kernel.

\n

Security

\n

Fixed CVE-2023-32636, CVE-2023-29499, CVE-2023-32643, CVE-2023-32665, CVE-2023-32611 in glib and glib-utils.

\n

Security

\n

Upgraded sys-fs/mdadm to v4.2. This resolves CVE-2023-28938 and CVE-2023-28736.

\n

Security

\n

Fixed CVE-2023-4016 in sys-process/procps.

\n

Security

\n

Updated dev-go/yaml to v3.0.1. This resolves CVE-2022-28948.

\n

Security

\n

Fixed CVE-2022-40896 in pygments.

\n

Security

\n

Fixed CVE-2023-24329 and CVE-2023-40217 in dev-lang/python.

\n

Security

\n

Fixed ncurses upgrade to 6.4p20220423. This resolves CVE-2023-29491.

\n

Security

\n

Upgraded dev-db/sqlite to v3.45.1-r1. This also fixes CVE-2023-7104.

\n

Security

\n

Fixed CVE-2023-40546, CVE-2023-40548, CVE-2023-40549, CVE-2023-40551, CVE-2023-40547, and CVE-2023-40550 in sys-boot/shim.

\n

Security

\n

Upgrade docker to v24.0.9. This fixes CVE-2024-24557.

\n

Security

\n

Updated dev-libs/openssl to v3.0.13. This resolves CVE-2024-0727 and CVE-2023-6129.

\n

Security

\n

Fixed CVE-2024-0684 in sys-apps/coreutils.

\n

Security

\n

Upgraded net-misc/curl to version 8.6.0. This fixes CVE-2024-0853 and CVE-2023-38545.

\n

Security

\n

Updated dev-libs/libxml2 to 2.11.7. This fixes CVE-2024-25062.

\n

Security

\n

Updated default GPU driver to v470.199.02 and latest GPU driver to v525.125.06. This resolves CVE-2023-25515 and CVE-2023-25516.

\n

Announcement

\n

Updates for Minor Packages:

\n

Changed

\n

Upgraded dev-libs/nss to v3.97.

\n

Changed

\n

Upgraded net-libs/gnutls to v3.8.3.

\n

Changed

\n

Upgraded dev-python/jinja to v3.1.3.

\n

Fixed

\n

Upgraded app-admin/node-problem-detector to v0.8.15.

\n

Fixed

\n

Upgraded app-eselect/eselect-iptables to v20220320.

\n

Fixed

\n

Upgraded sys-libs/libcap-ng to v0.8.4-r1.

\n

Fixed

\n

Upgraded net-misc/rsync to v3.2.7-r4.

\n

Fixed

\n

Upgraded dev-python/netifaces to v0.11.0-r2.

\n

Fixed

\n

Upgraded net-libs/libtirpc to v1.3.4-r1.

\n

Fixed

\n

Upgraded app-admin/sudo to v1.9.15_p5.

\n

Fixed

\n

Upgraded app-misc/jq to v1.7.1.

\n

Fixed

\n

Upgraded sys-apps/pv to v1.8.5.

\n

Fixed

\n

Upgraded sys-process/lsof to v4.99.3.

\n

Fixed

\n

Upgraded dev-util/bsdiff to v4.3.1-r42.

\n

Fixed

\n

Updated net-misc/openssh to v9.6_p1-r1.

\n

Changed

\n

Upgraded sys-apps/less to v643-r1.

\n

Fixed

\n

Upgraded chromeos-base/mojo_service_manager to v0.0.1-r271.

\n

Fixed

\n

Upgraded net-misc/socat to v1.8.0.0.

\n

Fixed

\n

Upgraded dev-python/jsonpatch to v1.33.

\n

Fixed

\n

Upgraded dev-python/pyyaml to v6.0.1-r1.

\n

Fixed

\n

Upgraded dev-lang/python-exec to v2.4.10.

\n

Fixed

\n

Upgraded dev-python/six to v1.16.0-r1.

\n

Fixed

\n

Upgraded dev-python/configobj to v5.0.8.

\n

Fixed

\n

Upgraded dev-python/nose to v1.3.7_p20221026.

\n

Fixed

\n

Upgraded dev-python/mock to v5.1.0.

\n

Fixed

\n

Upgraded dev-python/pyserial to v3.5-r2.

\n

Fixed

\n

Upgraded sys-apps/hwdata to v0.376.

\n

Changed

\n

Upgraded sys-fs/xfsprogs to v6.5.0.

\n

Changed

\n

Upgraded dev-python/pygobject to v3.46.0.

\n

Fixed

\n

Upgraded sys-devel/libtool to v2.4.6-r7.

\n

Fixed

\n

Upgraded dev-libs/double-conversion to v3.2.1.

\n

Fixed

\n

Upgraded net-fs/cifs-utils to v7.0-r1, Upgraded sys-libs/talloc to v2.4.1.

\n

Fixed

\n

Upgraded app-arch/unzip to v6.0_p27-r1.

\n

Fixed

\n

Upgraded sys-apps/dmidecode to v3.5-r3.

\n

Fixed

\n

Upgraded dev-util/gn to v2121.

\n

Fixed

\n

Upgraded chromeos-base/chromeos-dbus-bindings to v0.0.1-r2787.

\n

Changed

\n

Updated dev-embedded/libftdi to v1.5-r5.

\n

Fixed

\n

Upgraded sys-apps/coreutils to v9.4.

\n

Fixed

\n

Upgraded sys-process/procps to v4.0.4.

\n

Changed

\n

Updated dev-go/go-tools to v0.11.1_p20230712.

\n

Fixed

\n

Upgraded app-arch/pigz to v2.8.

\n

Fixed

\n

Upgraded sys-block/thin-provisioning-tools to v0.9.0-r2.

\n

Fixed

\n

Upgraded app-arch/tar to v1.35.

\n

Changed

\n

Upgraded app-arch/xz-utils to v5.4.6-r1.

\n

Changed

\n

Upgraded app-misc/ca-certificates to v20230311.3.97.

\n

Changed

\n

Upgraded net-dns/c-ares to v1.26.0.

\n

Changed

\n

Upgraded net-dns/libidn2 to v2.3.7.

\n

Changed

\n

Upgraded sys-apps/attr to v2.5.2-r1.

\n

Changed

\n

Upgraded sys-apps/ethtool to v6.7.

\n

Changed

\n

Upgraded sys-apps/file to v5.45-r4.

\n

Changed

\n

Upgraded sys-libs/libcap to v2.69-r1.

\n

Changed

\n

Upgraded sys-libs/timezone-data to v2024a.

\n

Changed

\n

Upgraded sys-libs/zlib to v1.3.1-r1.

\n

Changed

\n

Upgraded dev-libs/libusb to v1.0.27.

\n

Changed

\n

Upgraded dev-libs/expat to v2.6.0.

\n

Changed

\n

Upgraded sys-apps/acl to v2.3.2.

\n

Changed

\n

Updated gzip to v1.13.

\n

Changed

\n

Upgraded sys-auth/pambase to v20240128.

\n

Changed

\n

Upgraded net-misc/chrony to v4.5.

\n

Changed

\n

Upgraded app-containers/cni-plugins to v1.4.0.

\n

Changed

\n

Upgraded sys-apps/makedumpfile to v1.7.4.

\n

Changed

\n

Upgraded chromeos-base/system_api to v0.0.1-r5643.

\n

Changed

\n

Upgraded chromeos-base/update_engine-client to v0.0.1-r2385.

\n

Changed

\n

Upgraded chromeos-base/hiberman-client to v0.0.1-r455.

\n

Changed

\n

Upgraded chromeos-base/power_manager-client to v0.0.1-r2859.

\n

Changed

\n

Upgraded chromeos-base/dlcservice-client to v0.0.1-r884.

\n

Changed

\n

Upgraded chromeos-base/vm_protos to v0.0.1-r552.

\n

Changed

\n

Upgraded chromeos-base/shill-client to v0.0.1-r4325.

\n

Changed

\n

Upgraded chromeos-base/minijail to v18-r135.

\n

Changed

\n

Upgraded chromeos-base/debugd-client to v0.0.1-r2641.

\n

Changed

\n

Upgraded chromeos-base/session_manager-client to v0.0.1-r2722.

\n

Changed

\n

Upgraded chromeos-base/chromeos-common-script to v0.0.1-r601.

\n

Changed

\n

Upgraded chromeos-base/google-breakpad to v2024.01.16.190249-r226.

\n

Changed

\n

Upgraded dev-util/puffin to v1.0.0-r450.

\n

Changed

\n

Upgraded sys-fs/squashfs-tools to v4.6.1.

\n

Changed

\n

Upgraded sys-apps/sandbox to v2.29-r1.

\nDialogflow\n

Feature

\n

Dialogflow CX: The Override request-level speech model has been added to advanced speech settings. This can be used to override the speech model provided in a runtime API request.

\n

Feature

\n

Vertex AI Conversation data stores: Gemini-pro 1.0 is now officially in General Availability. The model includes optimized prompting, delivering enhanced results with minimal latency impact. Please note: prompt optimization is currently focused on English, with other languages to follow.

\n

Deprecated

\n

Vertex AI Conversation data stores: The text-bison-001 model and fine-tuned text-bison@001 options will be deprecated by Vertex AI on July 6th. Please transition as soon as possible to the default option or another model available in the settings.

\n

Feature

\n

Dialogflow CX: DTMF for telephony integrations is now available for preview.

\nFirestore in Datastore mode\n

Libraries

\n

A weekly digest of client library updates from across the Cloud SDK.

\n
\n

Python

Changes for google-cloud-ndb

\n\n

2.3.1 (2024-03-16)

\n\n
Bug Fixes
\n\n
    \n
  • grpc: Fix large payload handling when using the emulator. (#975) (d9162ae)
  • \n
  • Remove uses of six. #913 (#958) (e17129a)
  • \n
  • Show a non-None error for core_exception.Unknown errors. (#968) (66e61cc)
  • \n
\n\n
Documentation
\n\n
    \n
  • Document how to run system tests against the emulator. (#963) (47db5b9)
  • \n
  • Note to use functools.wrap instead of utils.wrapping. (#966) (5e9f3d6)
  • \n
  • Tell users of utils.wrapping to use functools.wraps (#967) (042645b)
  • \n
\n

Java

Changes for google-cloud-datastore

\n\n

2.18.6 (2024-03-18)

\n\n
Bug Fixes
\n\n
    \n
  • deps: Update the Java code generator (gapic-generator-java) to 2.37.0 (#1355) (bcc5668)
  • \n
\n\n
Dependencies
\n\n
    \n
  • Update dependency com.google.cloud:sdk-platform-java-config to v3.28.0 (#1372) (09db2a7)
  • \n
  • Update dependency com.google.cloud:sdk-platform-java-config to v3.28.1 (#1373) (c6e63e5)
  • \n
  • Update dependency com.google.errorprone:error_prone_core to v2.26.0 (#1361) (9442766)
  • \n
  • Update dependency com.google.errorprone:error_prone_core to v2.26.1 (#1363) (05fe5bc)
  • \n
  • Update dependency com.google.guava:guava-testlib to v33.1.0-jre (#1368) (0195345)
  • \n
\n
\nSecret Manager\n

Libraries

\n

A weekly digest of client library updates from across the Cloud SDK.

\n
\n

Go

Changes for secretmanager/apiv1

\n\n

1.12.0 (2024-03-19)

\n\n
Features
\n\n
\n
\nSensitive Data Protection\n

Fixed

\n

From February 12 through 27, 2024, a bug caused Sensitive Data Protection to inaccurately set the free-text scores of certain data profiles to 0, where they should have been higher. This bug is now resolved. All affected data profiles have been reprofiled.

\n\n

For more information about the discovery service, see Data profiles.

\n\n ",
"author"=>nil,
"link"=>"https://cloud.google.com/release-notes#March_25_2024",
"published_date"=>Mon, 25 Mar 2024 07:00:00.000000000 UTC +00:00,
"image_url"=>nil,
"feed_url"=>"https://cloud.google.com/release-notes#March_25_2024",
"language"=>nil,
"active"=>true,
"ricc_source"=>"feedjira::v1",
"created_at"=>Sun, 31 Mar 2024 21:42:30.614459000 UTC +00:00,
"updated_at"=>Mon, 13 May 2024 18:40:15.575764000 UTC +00:00,
"newspaper"=>"GCP latest releases",
"macro_region"=>"Technology"}
Edit this article
Back to articles