Open OnDemand 4.0.7 is available. Thank you to all community members who contributed code, suggestions, bug reports, and other assistance across the project. A special thank you to @AndyUEA for alerting us to a security vulnerability and collaborating with us to resolve it. A special thank you as well to the folks mentioned below for their contributions to the new adapters compatible with Open OnDemand.
Release Overview
This release addresses important security concerns and introduces several new adapters compatible with Open OnDemand. For a full list of changes, please refer to the 4.0.7 changelog.
The difference between versions 4.0.6 and 4.0.7 was an ood_core upgrade. To view the details, navigate to the ood_core repository comparison link.
Enhancements
Three new adapters have been added to support various schedulers:
-
HTCondor — thank you to @fodinabor
-
PSI/J — thank you to @tat-ohmura
-
Coder/OpenStack — thank you to @andrejcermak
Bug Fixes
Interactive apps now correctly handle scripts that utilize pipefail, resolving issues where certain job scripts would terminate prematurely.
Security
Resolved CVE-2025-58435, VNC interactive apps now correctly rotate passwords for higher versions of TurboVNC, fixing an issue where noVNC passwords could not be rotated on newer TurboVNC versions. This patch applies to TurboVNC ≥ 3.1.2.