KNIME Business Hub 1.12 Release Notes
KNIME Business Hub 1.12.4
(released March 28, 2025)
Security fix
This release resolves a security vulnerability in all prior versions of KNIME Business Hub.
On March 24, 2025, a high-severity vulnerability in the widely used ingress-nginx component for Kubernetes was publicly disclosed. By sending specially crafted HTTP requests from within the cluster to the ingress-nginx controller, attackers could achieve remote code execution. Since ingress-nginx holds access to all cluster credentials, this vulnerability could lead to a full cluster takeover.
For full details, refer to the KNIME Security Advisory: CVE-2025-2787.
KNIME Business Hub 1.12.3
(released March 20, 2025)
Security fix
This release addresses a security vulnerability affecting all previous versions of KNIME Business Hub. We’ve identified that the existing Kubernetes secret configuration could potentially allow parties with specific credential knowledge to interact with job-related data on accessible KNIME Business Hub installations.
For more details, see the KNIME Security Advisory: CVE-2025-2402.
KNIME Business Hub 1.12.2
(released November 26, 2024)
Important changes (please read carefully)
- KNIME Business Hub 1.12.2 addresses default memory requests across multiple services. This helps lowering the minimum hardware requirements, so that Business Hub can again be deployed on machines with only 32GB of memory (while allowing an executor with at most 12GB RAM). Customers with larger machines do not need to go to this version.
- This release introduces the ability to configure hardware resource requests for the additional services in the KOTS admin console. At the same time, default memory requests have been reduced for these services:
- Search-sync service: 2560MB → 1024MB
- Artemis: 2048MB → 1024MB
- Elasticsearch: 2048MB → 1024MB
- Memory requests for istio-proxy sidecar containers have been reduced from 128MB to 64MB per container
- This setting will only be applied after relevant pods have been restarted via
kubectl rollout restart deployment -n hub. Doing so is not strictly necessary, but will save around 2.5GB of memory combined
KNIME Business Hub 1.12.1
(released September 11, 2024)
Important changes (please read carefully)
This release fixes wrong default values for CPU requests for various services. These values were introduced in KNIME Business Hub 1.12.0, and led to resource issues on smaller clusters.
For instance, the default memory requests for core services have been raised to 24GB, leaving only 8GB for an executor on a 32GB machine. This will be made configurable in an upcoming release in order to allow increasing execution resources again.
KNIME Business Hub 1.12.0
(released September 9, 2024)
Important installation notes
During the update executors of the Hub will restart. Some downtime in execution is expected.
Important changes (please read carefully)
- The Secret Store feature is now also available for Business Hub Basic Edition licenses (See documentation)
Improvements
- Scalability options for selected Hub services: IT now has the flexibility to configure resource usage and set limits for scaling with parameters such as minimum/maximum replicas, target CPU utilization, and memory resources for various Hub services like Account, Catalog, Execution Rest Interface, Search, and Websocket Proxy (See documentation)
- New monitoring dashboards: Administrators now have access to metrics from Kubernetes, KNIME Business Hub services, and tools like Keycloak and Minio to understand KNIME Business Hub operations better and troubleshoot performance issues more effectively (See documentation)
- Trigger deployments: Workflows can now be executed by events that occur across multiple teams and spaces, including those in newly created spaces. Global administrators can even set workflows to execute based on events across all spaces in the organization. This update is particularly helpful to administrators who want to deploy team or organization-wide governance workflows (See documentation)
Important bug fixes
- To avoid missing image problems coming up in airgapped installations. Garbage collection in the internal image registry shipped with Hub is now disabled by default.