BigQuery
Feature
You can now enable
autonomous embedding generation
on tables that you make with the
CREATE TABLE statement.
When you do this, BigQuery maintains a column of embeddings on
the table based on a source column. When you add or modify data in the source
column, BigQuery automatically generates or updates the embedding
column for that data.
You can also use the
AI.SEARCH
function, enabling semantic search on tables that have autonomous embedding
generation enabled.
These features are in Preview.
Changed
An updated version of the ODBC driver for BigQuery is now available.
Cloud Healthcare API
Feature
- DICOM exports to BigQuery now support a new JSON schema option
- DICOM streaming to BigQuery now supports a new JSON schema option
- The new JSON schema option contains fewer columns and works more gracefully with the
33,000 public tags defined in the DICOM standard. For more information on the new schema,
see the
BigQueryDestinationfield.
Feature
- DICOM streaming to BigQuery using the new JSON schema now supports Change Data Capture
- For more information on enabling change data capture, see the
BigQueryDestinationfield.
Cloud Load Balancing
Feature
Backend mutual TLS (mTLS) and backend authenticated TLS are now Generally available for the following regional Application Load Balancers:
- Regional external Application Load Balancers
- Regional internal Application Load Balancers
This update complements existing support for global external Application Load Balancers, allowing you to enforce bidirectional identity verification across your regional deployments.
For details, see the following:
Container Optimized OS
Changed
cos-117-18613-439-45
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.6.111 | v24.0.9 | v1.7.28 | See List |
Fixed
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Security
Fixed CVE-2025-40196 in the Linux kernel.
Security
Fixed CVE-2025-40201 in the Linux kernel.
Security
Fixed CVE-2025-40160 in the Linux kernel.
Security
Fixed CVE-2025-40179 in the Linux kernel.
Security
Fixed CVE-2025-40190 in the Linux kernel.
Security
Fixed CVE-2025-40194 in the Linux kernel.
Security
Fixed CVE-2025-40176 in the Linux kernel.
Fixed
Set the default NVIDIA driver version to v535.274.02 for GPU types which previously had a default major version of 535. This includes NVIDIA_TESLA_V100, NVIDIA_TESLA_A100, NVIDIA_A100_80GB, NVIDIA_H100_80GB, NVIDIA_TESLA_P100, NVIDIA_L4, NVIDIA_TESLA_P4 and NVIDIA_TESLA_T4 GPU types.
Security
Fixed CVE-2025-40183 in the Linux kernel.
Security
Fixed CVE-2025-40178 in the Linux kernel.
Security
Fixed CVE-2025-40200 in the Linux kernel.
Security
Fixed CVE-2025-40198 in the Linux kernel.
Fixed
Upgraded sys-apps/makedumpfile to v1.7.8.
Security
Fixed CVE-2025-40186 in the Linux kernel.
Security
Fixed CVE-2025-40206 in the Linux kernel.
Security
Fixed CVE-2025-40129 in the Linux kernel.
Security
Fixed CVE-2025-40125 in the Linux kernel.
Security
Fixed CVE-2025-40173 in the Linux kernel.
Security
Fixed CVE-2025-40169 in the Linux kernel.
Security
Fixed KCTF-b441cf3 in the Linux kernel.
Security
Fixed KCTF-60e6489 in the Linux Kernel.
Security
Fixed CVE-2025-40153 in the Linux kernel.
Security
Fixed CVE-2025-40167 in the Linux kernel.
Security
Fixed CVE-2025-40123 in the Linux kernel.
Changed
cos-113-18244-521-39
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.155 | v24.0.9 | v1.7.27 | See List |
Fixed
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Security
Fixed CVE-2025-40179 in the Linux kernel.
Security
Fixed CVE-2025-40201 in the Linux kernel.
Security
Fixed CVE-2025-40125 in the Linux kernel.
Security
Fixed KCTF-60e6489 in the Linux Kernel.
Security
Fixed CVE-2025-40176 in the Linux kernel.
Security
Fixed CVE-2025-40186 in the Linux kernel.
Security
Fixed CVE-2025-40173 in the Linux kernel.
Security
Fixed CVE-2025-40123 in the Linux kernel.
Security
Fixed CVE-2025-40200 in the Linux kernel.
Security
Fixed KCTF-b441cf3 in the Linux kernel.
Security
Fixed CVE-2025-40183 in the Linux kernel.
Security
Fixed CVE-2025-40167 in the Linux kernel.
Security
Fixed CVE-2025-40194 in the Linux kernel.
Security
Fixed CVE-2025-40178 in the Linux kernel.
Security
Fixed CVE-2025-40190 in the Linux kernel.
Security
Fixed CVE-2025-40198 in the Linux kernel.
Security
Fixed CVE-2025-40153 in the Linux kernel.
Changed
cos-dev-129-19403-0-0
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.57 | v27.5.1 | v2.1.4 | See List |
Fixed
Upgraded net-libs/libtirpc to v1.3.7-r2.
Security
Fixed KCTF-60e6489 in the Linux Kernel.
Fixed
Upgraded sys-apps/pv to v1.10.2.
Fixed
Upgraded sys-process/procps to v4.0.5-r3.
Fixed
Upgraded sys-apps/pv to v1.10.1.
Feature
Enabled Software Watchdog as a module.
Security
Fixed KCTF-b441cf3 in the Linux kernel.
Fixed
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Feature
Enabled KVM for COS ARM64.
Fixed
Upgraded net-misc/rsync to v3.4.1-r1.
Fixed
Upgraded net-misc/wget to v1.25.0-r1.
Changed
cos-121-18867-294-38
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.6.113 | v27.5.1 | v2.0.6 | See List |
Security
Fixed KCTF-b441cf3 in the Linux kernel.
Security
Fixed CVE-2025-40176 in the Linux kernel.
Security
Fixed CVE-2025-40198 in the Linux kernel.
Security
Fixed CVE-2025-40196 in the Linux kernel.
Security
Fixed KCTF-60e6489 in the Linux Kernel.
Feature
Enabled KVM for COS ARM64.
Security
Fixed CVE-2025-40173 in the Linux kernel.
Fixed
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Fixed
Set the default NVIDIA driver version to v535.274.02 for GPU types which previously had a default major version of 535. This includes NVIDIA_TESLA_V100, NVIDIA_TESLA_A100, NVIDIA_A100_80GB, NVIDIA_H100_80GB, NVIDIA_TESLA_P100, NVIDIA_L4, NVIDIA_TESLA_P4 and NVIDIA_TESLA_T4 GPU types.
Security
Fixed CVE-2025-40167 in the Linux kernel.
Changed
cos-125-19216-104-39
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.4 | See List |
Security
Fixed KCTF-b441cf3 in the Linux kernel.
Fixed
Upgraded net-misc/rsync to v3.4.1-r1.
Security
Fixed CVE-2025-40212 in the Linux kernel.
Changed
Runtime sysctl changes:
- Changed: fs.file-max: 811512 -> 811428
- Changed: net.ipv4.udp_mem: 188034 250715 376068 -> 188034 250714 376068
Feature
Enabled Software Watchdog as a module.
Fixed
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Feature
Enabled KVM for COS ARM64.
Security
Fixed CVE-2025-22105 in the Linux kernel.
Security
Fixed KCTF-60e6489 in the Linux Kernel.
Google Cloud Contact Center as a Service
Fixed
We addressed the following iOS SDK issues in this release:
Fixed an issue where the RATE YOUR EXPERIENCE dialog contained text that didn’t adequately contrast with the background.
Fixed an issue where smart action requests from an agent (for example, request verification or request photo) triggered push notifications to the end-user despite Allow Push Notifications being turned off in the end-user’s app.
Fixed an issue in the end-user’s chat screen where the screen reader incorrectly announced that the “We are connecting you, please hold” message was a button.
Feature
Turn off push notifications at the global level
You can configure your Android SDK or iOS SDK to turn off push notifications at the global level. This bypasses all push notification dependencies and prevents push notifications from reaching end-users. For more information, see the following:
Android SDK: SDK configuration
Announcement
Mobile SDKs version 2.15.0
We’ve released version 2.15.0 of the mobile SDKs.
Google Distributed Cloud (software only) for VMware
Announcement
Google Distributed Cloud (software only) for VMware 1.32.700-gke.64 is available for download. To upgrade, see Upgrade a cluster. Distributed Cloud 1.32.700-gke.64 runs on Kubernetes v1.32.9-gke.700.
If you are using a third-party storage vendor, check the GDC Ready storage partners document to make sure the storage vendor has already passed the qualification for this release.
After a release, it takes approximately 7 to 14 days for the version to become available for use with GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
Fixed
The following issues were fixed in 1.32.700-gke.64:
- Fixed vulnerabilities listed in Vulnerability fixes.
Google Distributed Cloud (software only) for bare metal
Issue
For information about the latest known issues, see Google Distributed Cloud for bare metal known issues in the Troubleshooting section.
Fixed
The following issues were fixed in 1.32.700-gke.64:
- Fixed vulnerabilities listed in Vulnerability fixes.
Announcement
Google Distributed Cloud for bare metal 1.32.700-gke.64 is now available for download. To upgrade, see Upgrade clusters. Google Distributed Cloud for bare metal 1.32.700-gke.64 runs on Kubernetes v1.32.9-gke.700.
After a release, it takes approximately 7 to 14 days for the version to become available for installations or upgrades with the GKE On-Prem API clients: the Google Cloud console, the gcloud CLI, and Terraform.
If you use a third-party storage vendor, check the Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of Google Distributed Cloud for bare metal.
Looker
Feature
Now available in preview, Looker can display a new Connected Sheets option in the Explore actions menu. The Connected Sheets option opens Google Sheets and initiates a connection from Google Sheets to the Looker Explore. You can then build reports, pivot tables, or charts within the newly created Google Sheets using the fields available from the selected Looker Explore. The Connected Sheets quick link feature must be configured in the Google Cloud console and on your Looker instance. See the Connected Sheets quick link documentation page for details.
SAP on Google Cloud
Announcement
BigQuery Connector for SAP version 2.11
Version 2.11 of the BigQuery Connector for SAP is generally available (GA). This version lets you set up JWT authentication by using project-specific service accounts for data replication to different Google Cloud projects.
For more information, see What’s new with BigQuery Connector for SAP.
Storage Transfer Service
Feature
You can now transfer data from AWS S3 or Azure Blob Storage to Cloud Storage over a private network connection, using Cross-Cloud Interconnect or Partner Interconnect. Transferring data over a private connection can optimize costs, provide dedicated bandwidth, and help meet compliance needs by keeping data off the public internet.
See Transfer from AWS or Azure over a customer-managed private network for details.
Source: Google Cloud Platform
