Anthos clusters on VMware 1.15.4-gke.37 is now available. To upgrade, see Upgrading Anthos clusters on VMware
Share
Services
## Announcement
Anthos clusters on VMware 1.15.4-gke.37 is now available. To upgrade, see [Upgrading Anthos clusters on VMware](https://cloud.google.com/anthos/clusters/docs/on-prem/1.15/how-to/upgrading). Anthos clusters on VMware 1.15.4-gke.37 runs on Kubernetes 1.26.7-gke.2500.
## Fix
The following issues are fixed in 1.15.4-gke.37:
* Fixed a [known issue](https://cloud.google.com/anthos/clusters/docs/on-prem/1.15/known-issues#seesaw-vm-broken-due-to-disk-space-low) where incorrect log rotation configuration for fluent-bit caused low disk space on the Seesaw VM.
* Fixed a [known issue](https://cloud.google.com/anthos/clusters/docs/on-prem/1.15/known-issues#garp-reply-sent-by-seesaw-doesnt-set-target-ip) that GARP reply sent by Seesaw doesn't set target IP.
* Fixed an issue where `/etc/vsphere/certificate/ca.crt` wasn't updated after vsphere CA rotation on the Controlplane v2 user cluster control plane machines.
* Fixed a [known issue](https://cloud.google.com/anthos/clusters/docs/on-prem/1.15/known-issues#admin-ssh-public-key-error-after-admin-cluster-upgrade-or-update) where the admin SSH public key has error after admin cluster upgrade or update.
## Fix
The following vulnerabilities are fixed in 1.15.4-gke.37:
* High-severity container vulnerabilities:
* [CVE-2022-32190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32190)
* [CVE-2023-29002](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29002)
* [CVE-2023-38403](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38403)
* Container-Optimized OS vulnerabilities:
* [CVE-2015-8863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8863)
* [CVE-2016-4074](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4074)
* [CVE-2018-14647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647)
* [CVE-2018-1000802](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802)
* [CVE-2022-28737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28737)
* [CVE-2023-3611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3611)
* [CVE-2023-3776](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3776)
* [CVE-2023-3777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3777)
* [CVE-2023-29491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491)
* [CVE-2023-38408](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408)
What else is happening at Google Cloud Platform?
Toxic combination findings are generally available. This includes the following updates
October 16th, 2024
Services
Share