GKE version 1.33.0-gke.1276000 and later remediate a low severity

## Security GKE version 1.33.0-gke.1276000 and later remediate a low severity vulnerability, in which an attacker with the ability to patch Node resources by using the Kubernetes API could change specific node labels in clusters that use Workload Identity Federation for GKE. This could result in the attacker gaining access to node metadata, such as the IAM service account. To remediate this vulnerability, a validation policy is enforced that prevents unauthorized modifications to the node labels that control metadata protection. ## Feature You can now run GPU workloads on Confidential GKE Nodes with the A3 High machine type and NVIDIA H100 GPUs. This feature is available in GKE version 1.32.2-gke.1297000 and later for manual GPU driver installation, and in version 1.33.3-gke.1392000 and later for automatic driver installation. This enables stronger data protection and integrity for GPU-accelerated computations running within GKE clusters and nodes. This feature is in General Availability. For more information, see [Encrypt GPU workload data in use with Confidential GKE Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/gpus-confidential-nodes).