From a09d1257ac60980e0b88574e2898307b67519b67 Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 10:11:59 +0300 Subject: [PATCH 1/6] Update hotfixes-2-20.md --- docs/home/changelog/hotfixes-2-20.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/home/changelog/hotfixes-2-20.md b/docs/home/changelog/hotfixes-2-20.md index bb92ecc14e..c5d9856f80 100644 --- a/docs/home/changelog/hotfixes-2-20.md +++ b/docs/home/changelog/hotfixes-2-20.md @@ -11,6 +11,13 @@ This section provides details on all hotfixes available for version 2.20. Hotfix | Version | Date | Internal ID | Description | |--|--|--|--| +| 2.20.41 | 06/05/2025 | RUN-28241 | Fixed a security vulnerability in github.com.golang-jwt.jwt.v5 related to CVE-2025-30204 with severity HIGH. | +| 2.20.41 | 06/05/2025 | RUN-28097 | Fixed an issue where the allocated_gpu_count_per_gpu metric displayed incorrect data for fractional pods. | +| 2.20.41 | 06/05/2025 | RUN-28006 | Fixed an issue where tokens became invalid for the API server after one hour. | +| 2.20.41 | 06/05/2025 | RUN-27638 | Fixed a security vulnerability in axios related to CVE-2025-27152 with severity HIGH. | +| 2.20.40 | 30/04/2025 | RUN-27837 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited.| +| 2.20.40 | 30/04/2025 | RUN-27628 | Fixed an issue where a node pool could remain stuck in Updating status in certain cases. | +| 2.20.40 | 30/04/2025 | RUN-27893 | Fixed an issue where workloads submitted with an invalid node port range would get stuck in "Creating" status. | | 2.20.39 | 24/04/2025 | RUN-26359 | Fixed an issue in CLI v2 where using the `--toleration` option required incorrect mandatory fields. | | 2.20.39 | 24/04/2025 | RUN-27088 | Fixed a security vulnerability in tar-fs related to CVE-2024-12905 with severity HIGH. | | 2.20.39 | 24/04/2025 | RUN-26608 | Fixed an issue by adding a flag to the `cli config set` command and the CLI install script, allowing users to set a cache directory. | From 1385ae596c856fd2126557fca8c4fe7ffb0fdb11 Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 10:29:40 +0300 Subject: [PATCH 2/6] Updates --- docs/home/changelog/hotfixes-2-19.md | 7 +++++++ docs/home/changelog/hotfixes-2-20.md | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/home/changelog/hotfixes-2-19.md b/docs/home/changelog/hotfixes-2-19.md index 2b5ed40f0c..d7b635e76f 100644 --- a/docs/home/changelog/hotfixes-2-19.md +++ b/docs/home/changelog/hotfixes-2-19.md @@ -10,6 +10,13 @@ The following is a list of the known and fixed issues for Run:ai V2.19. | Internal ID | Hotfix # | Description | | :---- | :---- | :---- | +| RUN-27944 | 2.19.111 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v4` related to CVE-2025-30204 with severity HIGH. | +| RUN-28097 | 2.19.111 | Fixed an issue where the `allocated_gpu_count_per_gpu` metric displayed incorrect data for fractional pods. | +| RUN-27837 | 2.19.110 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited. | +| RUN-27628 | 2.19.109 | Fixed an issue where a node pool could remain stuck in Updating status in certain cases. | +| RUN-27640 | 2.19.109 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v5` related to CVE-2025-30204 with severity HIGH. | +| RUN-27893 | 2.19.109 | Fixed an issue where workloads submitted with an invalid node port range would get stuck in Creating status. | +| RUN-27309 | 2.19.105 | Fixed an issue where workloads configured with a multi node pool setup could fail to schedule on a specific node pool in the future after an initial scheduling failure, even if sufficient resources later became available. | | RUN-27636 | 2.19.103 | Fixed a security vulnerability in golang.org.x.crypto related to CVE-2025-22869 with severity HIGH. | | RUN-24627 | 2.19.101 | Fixed an issue where GPU_ALLOCATION metric in workloads returned an empty value. | | RUN-27247 | 2.19.100 | Fixed security vulnerabilities in Spring framework used by `db-mechanic service` - CVE-2021-27568, CVE-2021-44228, CVE-2022-22965, CVE-2023-20873, CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262. | diff --git a/docs/home/changelog/hotfixes-2-20.md b/docs/home/changelog/hotfixes-2-20.md index c5d9856f80..d4210cbdf7 100644 --- a/docs/home/changelog/hotfixes-2-20.md +++ b/docs/home/changelog/hotfixes-2-20.md @@ -12,7 +12,7 @@ This section provides details on all hotfixes available for version 2.20. Hotfix | Version | Date | Internal ID | Description | |--|--|--|--| | 2.20.41 | 06/05/2025 | RUN-28241 | Fixed a security vulnerability in github.com.golang-jwt.jwt.v5 related to CVE-2025-30204 with severity HIGH. | -| 2.20.41 | 06/05/2025 | RUN-28097 | Fixed an issue where the allocated_gpu_count_per_gpu metric displayed incorrect data for fractional pods. | +| 2.20.41 | 06/05/2025 | RUN-28097 | Fixed an issue where the allocated_gpu_count_per_gpu metric displayed incorrect data for fractional pods. | | 2.20.41 | 06/05/2025 | RUN-28006 | Fixed an issue where tokens became invalid for the API server after one hour. | | 2.20.41 | 06/05/2025 | RUN-27638 | Fixed a security vulnerability in axios related to CVE-2025-27152 with severity HIGH. | | 2.20.40 | 30/04/2025 | RUN-27837 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited.| From a625443d90c6f3cdec9622cbe203a916309db54a Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 10:49:17 +0300 Subject: [PATCH 3/6] Updates --- docs/home/changelog/hotfixes-2-19.md | 2 +- docs/home/changelog/hotfixes-2-20.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/home/changelog/hotfixes-2-19.md b/docs/home/changelog/hotfixes-2-19.md index d7b635e76f..36af0336a3 100644 --- a/docs/home/changelog/hotfixes-2-19.md +++ b/docs/home/changelog/hotfixes-2-19.md @@ -17,7 +17,7 @@ The following is a list of the known and fixed issues for Run:ai V2.19. | RUN-27640 | 2.19.109 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v5` related to CVE-2025-30204 with severity HIGH. | | RUN-27893 | 2.19.109 | Fixed an issue where workloads submitted with an invalid node port range would get stuck in Creating status. | | RUN-27309 | 2.19.105 | Fixed an issue where workloads configured with a multi node pool setup could fail to schedule on a specific node pool in the future after an initial scheduling failure, even if sufficient resources later became available. | -| RUN-27636 | 2.19.103 | Fixed a security vulnerability in golang.org.x.crypto related to CVE-2025-22869 with severity HIGH. | +| RUN-27636 | 2.19.103 | Fixed a security vulnerability in `golang.org.x.crypto` related to CVE-2025-22869 with severity HIGH. | | RUN-24627 | 2.19.101 | Fixed an issue where GPU_ALLOCATION metric in workloads returned an empty value. | | RUN-27247 | 2.19.100 | Fixed security vulnerabilities in Spring framework used by `db-mechanic service` - CVE-2021-27568, CVE-2021-44228, CVE-2022-22965, CVE-2023-20873, CVE-2024-22243, CVE-2024-22259 and CVE-2024-22262. | | RUN-26359 | 2.19.99 | Fixed an issue in CLI v2 where using the `--toleration` option required incorrect mandatory fields. | diff --git a/docs/home/changelog/hotfixes-2-20.md b/docs/home/changelog/hotfixes-2-20.md index d4210cbdf7..b27be5afd0 100644 --- a/docs/home/changelog/hotfixes-2-20.md +++ b/docs/home/changelog/hotfixes-2-20.md @@ -11,13 +11,13 @@ This section provides details on all hotfixes available for version 2.20. Hotfix | Version | Date | Internal ID | Description | |--|--|--|--| -| 2.20.41 | 06/05/2025 | RUN-28241 | Fixed a security vulnerability in github.com.golang-jwt.jwt.v5 related to CVE-2025-30204 with severity HIGH. | -| 2.20.41 | 06/05/2025 | RUN-28097 | Fixed an issue where the allocated_gpu_count_per_gpu metric displayed incorrect data for fractional pods. | +| 2.20.41 | 06/05/2025 | RUN-28241 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v5` related to CVE-2025-30204 with severity HIGH. | +| 2.20.41 | 06/05/2025 | RUN-28097 | Fixed an issue where the `allocated_gpu_count_per_gpu metric` displayed incorrect data for fractional pods. | | 2.20.41 | 06/05/2025 | RUN-28006 | Fixed an issue where tokens became invalid for the API server after one hour. | | 2.20.41 | 06/05/2025 | RUN-27638 | Fixed a security vulnerability in axios related to CVE-2025-27152 with severity HIGH. | | 2.20.40 | 30/04/2025 | RUN-27837 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited.| | 2.20.40 | 30/04/2025 | RUN-27628 | Fixed an issue where a node pool could remain stuck in Updating status in certain cases. | -| 2.20.40 | 30/04/2025 | RUN-27893 | Fixed an issue where workloads submitted with an invalid node port range would get stuck in "Creating" status. | +| 2.20.40 | 30/04/2025 | RUN-27893 | Fixed an issue where workloads submitted with an invalid node port range would get stuck in Creating status. | | 2.20.39 | 24/04/2025 | RUN-26359 | Fixed an issue in CLI v2 where using the `--toleration` option required incorrect mandatory fields. | | 2.20.39 | 24/04/2025 | RUN-27088 | Fixed a security vulnerability in tar-fs related to CVE-2024-12905 with severity HIGH. | | 2.20.39 | 24/04/2025 | RUN-26608 | Fixed an issue by adding a flag to the `cli config set` command and the CLI install script, allowing users to set a cache directory. | From c8fbc32493bc02e8ee8a379191bfe0c398f8f989 Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 11:40:36 +0300 Subject: [PATCH 4/6] Update hotfixes-2-19.md --- docs/home/changelog/hotfixes-2-19.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/home/changelog/hotfixes-2-19.md b/docs/home/changelog/hotfixes-2-19.md index 36af0336a3..0b462c561b 100644 --- a/docs/home/changelog/hotfixes-2-19.md +++ b/docs/home/changelog/hotfixes-2-19.md @@ -10,6 +10,7 @@ The following is a list of the known and fixed issues for Run:ai V2.19. | Internal ID | Hotfix # | Description | | :---- | :---- | :---- | +| RUN-27944 | 2.19.111 | Fixed an issue where `runai workspace bash` CLI command failed to run. | | RUN-27944 | 2.19.111 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v4` related to CVE-2025-30204 with severity HIGH. | | RUN-28097 | 2.19.111 | Fixed an issue where the `allocated_gpu_count_per_gpu` metric displayed incorrect data for fractional pods. | | RUN-27837 | 2.19.110 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited. | From ea435eada9ecae63948224cf1403b1f94c924dbf Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 13:45:08 +0300 Subject: [PATCH 5/6] Update hotfixes-2-19.md --- docs/home/changelog/hotfixes-2-19.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/home/changelog/hotfixes-2-19.md b/docs/home/changelog/hotfixes-2-19.md index 0b462c561b..d4b6b12cad 100644 --- a/docs/home/changelog/hotfixes-2-19.md +++ b/docs/home/changelog/hotfixes-2-19.md @@ -10,7 +10,7 @@ The following is a list of the known and fixed issues for Run:ai V2.19. | Internal ID | Hotfix # | Description | | :---- | :---- | :---- | -| RUN-27944 | 2.19.111 | Fixed an issue where `runai workspace bash` CLI command failed to run. | +| RUN-26994 | 2.19.111 | Fixed an issue where session timeouts occurred when using the CLI. | | RUN-27944 | 2.19.111 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v4` related to CVE-2025-30204 with severity HIGH. | | RUN-28097 | 2.19.111 | Fixed an issue where the `allocated_gpu_count_per_gpu` metric displayed incorrect data for fractional pods. | | RUN-27837 | 2.19.110 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited. | From 63d7acb118dc224441f5ee8ef47eee04ea29798f Mon Sep 17 00:00:00 2001 From: Sherin Date: Wed, 7 May 2025 13:48:08 +0300 Subject: [PATCH 6/6] Update hotfixes-2-19.md --- docs/home/changelog/hotfixes-2-19.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/home/changelog/hotfixes-2-19.md b/docs/home/changelog/hotfixes-2-19.md index d4b6b12cad..f478778c12 100644 --- a/docs/home/changelog/hotfixes-2-19.md +++ b/docs/home/changelog/hotfixes-2-19.md @@ -10,8 +10,8 @@ The following is a list of the known and fixed issues for Run:ai V2.19. | Internal ID | Hotfix # | Description | | :---- | :---- | :---- | -| RUN-26994 | 2.19.111 | Fixed an issue where session timeouts occurred when using the CLI. | | RUN-27944 | 2.19.111 | Fixed a security vulnerability in `github.com.golang-jwt.jwt.v4` related to CVE-2025-30204 with severity HIGH. | +| RUN-26994 | 2.19.111 | Fixed an issue where session timeouts occurred when using the CLI. | | RUN-28097 | 2.19.111 | Fixed an issue where the `allocated_gpu_count_per_gpu` metric displayed incorrect data for fractional pods. | | RUN-27837 | 2.19.110 | Fixed an issue where a node pool’s placement strategy stopped functioning correctly after being edited. | | RUN-27628 | 2.19.109 | Fixed an issue where a node pool could remain stuck in Updating status in certain cases. |