An elevation-of-privilege vulnerability existed for a user with access to CycleCloud (CVE-2024-29993).
The GPG key for the AlmaLinux 8 package repos in older images was revoked. CycleCloud will now update the gpg keys upon boot for AlmaLinux 8.
The Slurm Accounting record did not identify Spot VMs as "Spot" in the admin comment.
Settings whose values were secrets were shown in plain test in the Settings page.
The GridEngine cluster type sometimes failed initial converge due to a transient SELinux restorecon failure, leading to slow scheduler converges showing transient errors.
Unauthenticated users would be redirected to the login page with no error message.
Inline form labels were misaligned.
Users with no permission to view or create clusters would only see a blank page.