diff --git a/CHANGELOG/CHANGELOG-1.27.md b/CHANGELOG/CHANGELOG-1.27.md index a8f845a0601..2995e0a3b0f 100644 --- a/CHANGELOG/CHANGELOG-1.27.md +++ b/CHANGELOG/CHANGELOG-1.27.md @@ -1,211 +1,211 @@ -- [v1.27.15](#v12715) - - [Downloads for v1.27.15](#downloads-for-v12715) +- [v1.27.16](#v12716) + - [Downloads for v1.27.16](#downloads-for-v12716) - [Source Code](#source-code) - [Client Binaries](#client-binaries) - [Server Binaries](#server-binaries) - [Node Binaries](#node-binaries) - [Container Images](#container-images) - - [Changelog since v1.27.14](#changelog-since-v12714) + - [Changelog since v1.27.15](#changelog-since-v12715) + - [Important Security Information](#important-security-information) + - [CVE-2024-5321: Incorrect permissions on Windows containers logs](#cve-2024-5321-incorrect-permissions-on-windows-containers-logs) - [Changes by Kind](#changes-by-kind) - - [API Change](#api-change) - [Feature](#feature) - [Bug or Regression](#bug-or-regression) - [Dependencies](#dependencies) - [Added](#added) - [Changed](#changed) - [Removed](#removed) -- [v1.27.14](#v12714) - - [Downloads for v1.27.14](#downloads-for-v12714) +- [v1.27.15](#v12715) + - [Downloads for v1.27.15](#downloads-for-v12715) - [Source Code](#source-code-1) - [Client Binaries](#client-binaries-1) - [Server Binaries](#server-binaries-1) - [Node Binaries](#node-binaries-1) - [Container Images](#container-images-1) - - [Changelog since v1.27.13](#changelog-since-v12713) + - [Changelog since v1.27.14](#changelog-since-v12714) - [Changes by Kind](#changes-by-kind-1) + - [API Change](#api-change) + - [Feature](#feature-1) - [Bug or Regression](#bug-or-regression-1) - [Dependencies](#dependencies-1) - [Added](#added-1) - [Changed](#changed-1) - [Removed](#removed-1) -- [v1.27.13](#v12713) - - [Downloads for v1.27.13](#downloads-for-v12713) +- [v1.27.14](#v12714) + - [Downloads for v1.27.14](#downloads-for-v12714) - [Source Code](#source-code-2) - [Client Binaries](#client-binaries-2) - [Server Binaries](#server-binaries-2) - [Node Binaries](#node-binaries-2) - [Container Images](#container-images-2) - - [Changelog since v1.27.12](#changelog-since-v12712) - - [Important Security Information](#important-security-information) - - [CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2024-3177-bypassing-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin) + - [Changelog since v1.27.13](#changelog-since-v12713) - [Changes by Kind](#changes-by-kind-2) - - [Feature](#feature-1) - [Bug or Regression](#bug-or-regression-2) - [Dependencies](#dependencies-2) - [Added](#added-2) - [Changed](#changed-2) - [Removed](#removed-2) -- [v1.27.12](#v12712) - - [Downloads for v1.27.12](#downloads-for-v12712) +- [v1.27.13](#v12713) + - [Downloads for v1.27.13](#downloads-for-v12713) - [Source Code](#source-code-3) - [Client Binaries](#client-binaries-3) - [Server Binaries](#server-binaries-3) - [Node Binaries](#node-binaries-3) - [Container Images](#container-images-3) - - [Changelog since v1.27.11](#changelog-since-v12711) + - [Changelog since v1.27.12](#changelog-since-v12712) + - [Important Security Information](#important-security-information-1) + - [CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2024-3177-bypassing-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin) - [Changes by Kind](#changes-by-kind-3) - [Feature](#feature-2) - [Bug or Regression](#bug-or-regression-3) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake) - [Dependencies](#dependencies-3) - [Added](#added-3) - [Changed](#changed-3) - [Removed](#removed-3) -- [v1.27.11](#v12711) - - [Downloads for v1.27.11](#downloads-for-v12711) +- [v1.27.12](#v12712) + - [Downloads for v1.27.12](#downloads-for-v12712) - [Source Code](#source-code-4) - [Client Binaries](#client-binaries-4) - [Server Binaries](#server-binaries-4) - [Node Binaries](#node-binaries-4) - [Container Images](#container-images-4) - - [Changelog since v1.27.10](#changelog-since-v12710) + - [Changelog since v1.27.11](#changelog-since-v12711) - [Changes by Kind](#changes-by-kind-4) - [Feature](#feature-3) - [Bug or Regression](#bug-or-regression-4) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake) - [Dependencies](#dependencies-4) - [Added](#added-4) - [Changed](#changed-4) - [Removed](#removed-4) -- [v1.27.10](#v12710) - - [Downloads for v1.27.10](#downloads-for-v12710) +- [v1.27.11](#v12711) + - [Downloads for v1.27.11](#downloads-for-v12711) - [Source Code](#source-code-5) - [Client Binaries](#client-binaries-5) - [Server Binaries](#server-binaries-5) - [Node Binaries](#node-binaries-5) - [Container Images](#container-images-5) - - [Changelog since v1.27.9](#changelog-since-v1279) + - [Changelog since v1.27.10](#changelog-since-v12710) - [Changes by Kind](#changes-by-kind-5) - [Feature](#feature-4) - [Bug or Regression](#bug-or-regression-5) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-1) - [Dependencies](#dependencies-5) - [Added](#added-5) - [Changed](#changed-5) - [Removed](#removed-5) -- [v1.27.9](#v1279) - - [Downloads for v1.27.9](#downloads-for-v1279) +- [v1.27.10](#v12710) + - [Downloads for v1.27.10](#downloads-for-v12710) - [Source Code](#source-code-6) - [Client Binaries](#client-binaries-6) - [Server Binaries](#server-binaries-6) - [Node Binaries](#node-binaries-6) - [Container Images](#container-images-6) - - [Changelog since v1.27.8](#changelog-since-v1278) + - [Changelog since v1.27.9](#changelog-since-v1279) - [Changes by Kind](#changes-by-kind-6) - [Feature](#feature-5) - [Bug or Regression](#bug-or-regression-6) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-2) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-1) - [Dependencies](#dependencies-6) - [Added](#added-6) - [Changed](#changed-6) - [Removed](#removed-6) -- [v1.27.8](#v1278) - - [Downloads for v1.27.8](#downloads-for-v1278) +- [v1.27.9](#v1279) + - [Downloads for v1.27.9](#downloads-for-v1279) - [Source Code](#source-code-7) - [Client Binaries](#client-binaries-7) - [Server Binaries](#server-binaries-7) - [Node Binaries](#node-binaries-7) - [Container Images](#container-images-7) - - [Changelog since v1.27.7](#changelog-since-v1277) - - [Important Security Information](#important-security-information-1) - - [CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes](#cve-2023-5528-insufficient-input-sanitization-in-in-tree-storage-plugin-leads-to-privilege-escalation-on-windows-nodes) + - [Changelog since v1.27.8](#changelog-since-v1278) - [Changes by Kind](#changes-by-kind-7) - - [API Change](#api-change-1) - [Feature](#feature-6) - [Bug or Regression](#bug-or-regression-7) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-2) - [Dependencies](#dependencies-7) - [Added](#added-7) - [Changed](#changed-7) - [Removed](#removed-7) -- [v1.27.7](#v1277) - - [Downloads for v1.27.7](#downloads-for-v1277) +- [v1.27.8](#v1278) + - [Downloads for v1.27.8](#downloads-for-v1278) - [Source Code](#source-code-8) - [Client Binaries](#client-binaries-8) - [Server Binaries](#server-binaries-8) - [Node Binaries](#node-binaries-8) - [Container Images](#container-images-8) - - [Changelog since v1.27.6](#changelog-since-v1276) + - [Changelog since v1.27.7](#changelog-since-v1277) + - [Important Security Information](#important-security-information-2) + - [CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes](#cve-2023-5528-insufficient-input-sanitization-in-in-tree-storage-plugin-leads-to-privilege-escalation-on-windows-nodes) - [Changes by Kind](#changes-by-kind-8) + - [API Change](#api-change-1) - [Feature](#feature-7) - - [Failing Test](#failing-test) - [Bug or Regression](#bug-or-regression-8) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-3) - [Dependencies](#dependencies-8) - [Added](#added-8) - [Changed](#changed-8) - [Removed](#removed-8) -- [v1.27.6](#v1276) - - [Downloads for v1.27.6](#downloads-for-v1276) +- [v1.27.7](#v1277) + - [Downloads for v1.27.7](#downloads-for-v1277) - [Source Code](#source-code-9) - [Client Binaries](#client-binaries-9) - [Server Binaries](#server-binaries-9) - [Node Binaries](#node-binaries-9) - [Container Images](#container-images-9) - - [Changelog since v1.27.5](#changelog-since-v1275) + - [Changelog since v1.27.6](#changelog-since-v1276) - [Changes by Kind](#changes-by-kind-9) - - [API Change](#api-change-2) - [Feature](#feature-8) + - [Failing Test](#failing-test) - [Bug or Regression](#bug-or-regression-9) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-4) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-3) - [Dependencies](#dependencies-9) - [Added](#added-9) - [Changed](#changed-9) - [Removed](#removed-9) -- [v1.27.5](#v1275) - - [Downloads for v1.27.5](#downloads-for-v1275) +- [v1.27.6](#v1276) + - [Downloads for v1.27.6](#downloads-for-v1276) - [Source Code](#source-code-10) - [Client Binaries](#client-binaries-10) - [Server Binaries](#server-binaries-10) - [Node Binaries](#node-binaries-10) - [Container Images](#container-images-10) - - [Changelog since v1.27.4](#changelog-since-v1274) - - [Important Security Information](#important-security-information-2) - - [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) - - [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) + - [Changelog since v1.27.5](#changelog-since-v1275) - [Changes by Kind](#changes-by-kind-10) - - [API Change](#api-change-3) + - [API Change](#api-change-2) - [Feature](#feature-9) - [Bug or Regression](#bug-or-regression-10) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-4) - [Dependencies](#dependencies-10) - [Added](#added-10) - [Changed](#changed-10) - [Removed](#removed-10) -- [v1.27.4](#v1274) - - [Downloads for v1.27.4](#downloads-for-v1274) +- [v1.27.5](#v1275) + - [Downloads for v1.27.5](#downloads-for-v1275) - [Source Code](#source-code-11) - [Client Binaries](#client-binaries-11) - [Server Binaries](#server-binaries-11) - [Node Binaries](#node-binaries-11) - [Container Images](#container-images-11) - - [Changelog since v1.27.3](#changelog-since-v1273) + - [Changelog since v1.27.4](#changelog-since-v1274) + - [Important Security Information](#important-security-information-3) + - [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) + - [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) - [Changes by Kind](#changes-by-kind-11) + - [API Change](#api-change-3) - [Feature](#feature-10) - [Bug or Regression](#bug-or-regression-11) - [Dependencies](#dependencies-11) - [Added](#added-11) - [Changed](#changed-11) - [Removed](#removed-11) -- [v1.27.3](#v1273) - - [Downloads for v1.27.3](#downloads-for-v1273) +- [v1.27.4](#v1274) + - [Downloads for v1.27.4](#downloads-for-v1274) - [Source Code](#source-code-12) - [Client Binaries](#client-binaries-12) - [Server Binaries](#server-binaries-12) - [Node Binaries](#node-binaries-12) - [Container Images](#container-images-12) - - [Changelog since v1.27.2](#changelog-since-v1272) - - [Important Security Information](#important-security-information-3) - - [CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2023-2728-bypassing-enforce-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin) + - [Changelog since v1.27.3](#changelog-since-v1273) - [Changes by Kind](#changes-by-kind-12) - [Feature](#feature-11) - [Bug or Regression](#bug-or-regression-12) @@ -213,175 +213,308 @@ - [Added](#added-12) - [Changed](#changed-12) - [Removed](#removed-12) -- [v1.27.2](#v1272) - - [Downloads for v1.27.2](#downloads-for-v1272) +- [v1.27.3](#v1273) + - [Downloads for v1.27.3](#downloads-for-v1273) - [Source Code](#source-code-13) - [Client Binaries](#client-binaries-13) - [Server Binaries](#server-binaries-13) - [Node Binaries](#node-binaries-13) - [Container Images](#container-images-13) - - [Changelog since v1.27.1](#changelog-since-v1271) + - [Changelog since v1.27.2](#changelog-since-v1272) + - [Important Security Information](#important-security-information-4) + - [CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2023-2728-bypassing-enforce-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin) - [Changes by Kind](#changes-by-kind-13) - - [API Change](#api-change-4) - [Feature](#feature-12) - - [Failing Test](#failing-test-1) - [Bug or Regression](#bug-or-regression-13) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-5) - [Dependencies](#dependencies-13) - [Added](#added-13) - [Changed](#changed-13) - [Removed](#removed-13) -- [v1.27.1](#v1271) - - [Downloads for v1.27.1](#downloads-for-v1271) +- [v1.27.2](#v1272) + - [Downloads for v1.27.2](#downloads-for-v1272) - [Source Code](#source-code-14) - [Client Binaries](#client-binaries-14) - [Server Binaries](#server-binaries-14) - [Node Binaries](#node-binaries-14) - [Container Images](#container-images-14) - - [Changelog since v1.27.0](#changelog-since-v1270) + - [Changelog since v1.27.1](#changelog-since-v1271) - [Changes by Kind](#changes-by-kind-14) + - [API Change](#api-change-4) + - [Feature](#feature-13) + - [Failing Test](#failing-test-1) - [Bug or Regression](#bug-or-regression-14) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-5) - [Dependencies](#dependencies-14) - [Added](#added-14) - [Changed](#changed-14) - [Removed](#removed-14) -- [v1.27.0](#v1270) - - [Downloads for v1.27.0](#downloads-for-v1270) +- [v1.27.1](#v1271) + - [Downloads for v1.27.1](#downloads-for-v1271) - [Source Code](#source-code-15) - [Client Binaries](#client-binaries-15) - [Server Binaries](#server-binaries-15) - [Node Binaries](#node-binaries-15) - [Container Images](#container-images-15) - - [Changelog since v1.26.0](#changelog-since-v1260) - - [Known Issues](#known-issues) - - [The PreEnqueue extension point doesn't work for Pods going to activeQ through backoffQ](#the-preenqueue-extension-point-doesnt-work-for-pods-going-to-activeq-through-backoffq) - - [Urgent Upgrade Notes](#urgent-upgrade-notes) - - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade) + - [Changelog since v1.27.0](#changelog-since-v1270) - [Changes by Kind](#changes-by-kind-15) - - [Deprecation](#deprecation) - - [API Change](#api-change-5) - - [Feature](#feature-13) - - [Documentation](#documentation) - - [Failing Test](#failing-test-2) - [Bug or Regression](#bug-or-regression-15) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-6) - [Dependencies](#dependencies-15) - [Added](#added-15) - [Changed](#changed-15) - [Removed](#removed-15) -- [v1.27.0-rc.1](#v1270-rc1) - - [Downloads for v1.27.0-rc.1](#downloads-for-v1270-rc1) +- [v1.27.0](#v1270) + - [Downloads for v1.27.0](#downloads-for-v1270) - [Source Code](#source-code-16) - [Client Binaries](#client-binaries-16) - [Server Binaries](#server-binaries-16) - [Node Binaries](#node-binaries-16) - [Container Images](#container-images-16) - - [Changelog since v1.27.0-rc.0](#changelog-since-v1270-rc0) + - [Changelog since v1.26.0](#changelog-since-v1260) + - [Known Issues](#known-issues) + - [The PreEnqueue extension point doesn't work for Pods going to activeQ through backoffQ](#the-preenqueue-extension-point-doesnt-work-for-pods-going-to-activeq-through-backoffq) + - [Urgent Upgrade Notes](#urgent-upgrade-notes) + - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade) - [Changes by Kind](#changes-by-kind-16) + - [Deprecation](#deprecation) + - [API Change](#api-change-5) - [Feature](#feature-14) + - [Documentation](#documentation) + - [Failing Test](#failing-test-2) - [Bug or Regression](#bug-or-regression-16) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-6) - [Dependencies](#dependencies-16) - [Added](#added-16) - [Changed](#changed-16) - [Removed](#removed-16) -- [v1.27.0-rc.0](#v1270-rc0) - - [Downloads for v1.27.0-rc.0](#downloads-for-v1270-rc0) +- [v1.27.0-rc.1](#v1270-rc1) + - [Downloads for v1.27.0-rc.1](#downloads-for-v1270-rc1) - [Source Code](#source-code-17) - [Client Binaries](#client-binaries-17) - [Server Binaries](#server-binaries-17) - [Node Binaries](#node-binaries-17) - [Container Images](#container-images-17) - - [Changelog since v1.27.0-beta.0](#changelog-since-v1270-beta0) + - [Changelog since v1.27.0-rc.0](#changelog-since-v1270-rc0) - [Changes by Kind](#changes-by-kind-17) - - [API Change](#api-change-6) - [Feature](#feature-15) - [Bug or Regression](#bug-or-regression-17) - [Dependencies](#dependencies-17) - [Added](#added-17) - [Changed](#changed-17) - [Removed](#removed-17) -- [v1.27.0-beta.0](#v1270-beta0) - - [Downloads for v1.27.0-beta.0](#downloads-for-v1270-beta0) +- [v1.27.0-rc.0](#v1270-rc0) + - [Downloads for v1.27.0-rc.0](#downloads-for-v1270-rc0) - [Source Code](#source-code-18) - [Client Binaries](#client-binaries-18) - [Server Binaries](#server-binaries-18) - [Node Binaries](#node-binaries-18) - [Container Images](#container-images-18) - - [Changelog since v1.27.0-alpha.3](#changelog-since-v1270-alpha3) - - [Urgent Upgrade Notes](#urgent-upgrade-notes-1) - - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade-1) + - [Changelog since v1.27.0-beta.0](#changelog-since-v1270-beta0) - [Changes by Kind](#changes-by-kind-18) - - [Deprecation](#deprecation-1) - - [API Change](#api-change-7) + - [API Change](#api-change-6) - [Feature](#feature-16) - - [Documentation](#documentation-1) - - [Failing Test](#failing-test-3) - [Bug or Regression](#bug-or-regression-18) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-7) - [Dependencies](#dependencies-18) - [Added](#added-18) - [Changed](#changed-18) - [Removed](#removed-18) -- [v1.27.0-alpha.3](#v1270-alpha3) - - [Downloads for v1.27.0-alpha.3](#downloads-for-v1270-alpha3) +- [v1.27.0-beta.0](#v1270-beta0) + - [Downloads for v1.27.0-beta.0](#downloads-for-v1270-beta0) - [Source Code](#source-code-19) - [Client Binaries](#client-binaries-19) - [Server Binaries](#server-binaries-19) - [Node Binaries](#node-binaries-19) - [Container Images](#container-images-19) - - [Changelog since v1.27.0-alpha.2](#changelog-since-v1270-alpha2) + - [Changelog since v1.27.0-alpha.3](#changelog-since-v1270-alpha3) + - [Urgent Upgrade Notes](#urgent-upgrade-notes-1) + - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade-1) - [Changes by Kind](#changes-by-kind-19) - - [Deprecation](#deprecation-2) - - [API Change](#api-change-8) + - [Deprecation](#deprecation-1) + - [API Change](#api-change-7) - [Feature](#feature-17) - - [Documentation](#documentation-2) - - [Failing Test](#failing-test-4) + - [Documentation](#documentation-1) + - [Failing Test](#failing-test-3) - [Bug or Regression](#bug-or-regression-19) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-8) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-7) - [Dependencies](#dependencies-19) - [Added](#added-19) - [Changed](#changed-19) - [Removed](#removed-19) -- [v1.27.0-alpha.2](#v1270-alpha2) - - [Downloads for v1.27.0-alpha.2](#downloads-for-v1270-alpha2) +- [v1.27.0-alpha.3](#v1270-alpha3) + - [Downloads for v1.27.0-alpha.3](#downloads-for-v1270-alpha3) - [Source Code](#source-code-20) - [Client Binaries](#client-binaries-20) - [Server Binaries](#server-binaries-20) - [Node Binaries](#node-binaries-20) - [Container Images](#container-images-20) - - [Changelog since v1.27.0-alpha.1](#changelog-since-v1270-alpha1) + - [Changelog since v1.27.0-alpha.2](#changelog-since-v1270-alpha2) - [Changes by Kind](#changes-by-kind-20) - - [API Change](#api-change-9) + - [Deprecation](#deprecation-2) + - [API Change](#api-change-8) - [Feature](#feature-18) + - [Documentation](#documentation-2) + - [Failing Test](#failing-test-4) - [Bug or Regression](#bug-or-regression-20) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-9) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-8) - [Dependencies](#dependencies-20) - [Added](#added-20) - [Changed](#changed-20) - [Removed](#removed-20) -- [v1.27.0-alpha.1](#v1270-alpha1) - - [Downloads for v1.27.0-alpha.1](#downloads-for-v1270-alpha1) +- [v1.27.0-alpha.2](#v1270-alpha2) + - [Downloads for v1.27.0-alpha.2](#downloads-for-v1270-alpha2) - [Source Code](#source-code-21) - [Client Binaries](#client-binaries-21) - [Server Binaries](#server-binaries-21) - [Node Binaries](#node-binaries-21) - [Container Images](#container-images-21) - - [Changelog since v1.26.0](#changelog-since-v1260-1) + - [Changelog since v1.27.0-alpha.1](#changelog-since-v1270-alpha1) - [Changes by Kind](#changes-by-kind-21) - - [Deprecation](#deprecation-3) - - [API Change](#api-change-10) + - [API Change](#api-change-9) - [Feature](#feature-19) - - [Documentation](#documentation-3) - - [Failing Test](#failing-test-5) - [Bug or Regression](#bug-or-regression-21) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-10) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-9) - [Dependencies](#dependencies-21) - [Added](#added-21) - [Changed](#changed-21) - [Removed](#removed-21) +- [v1.27.0-alpha.1](#v1270-alpha1) + - [Downloads for v1.27.0-alpha.1](#downloads-for-v1270-alpha1) + - [Source Code](#source-code-22) + - [Client Binaries](#client-binaries-22) + - [Server Binaries](#server-binaries-22) + - [Node Binaries](#node-binaries-22) + - [Container Images](#container-images-22) + - [Changelog since v1.26.0](#changelog-since-v1260-1) + - [Changes by Kind](#changes-by-kind-22) + - [Deprecation](#deprecation-3) + - [API Change](#api-change-10) + - [Feature](#feature-20) + - [Documentation](#documentation-3) + - [Failing Test](#failing-test-5) + - [Bug or Regression](#bug-or-regression-22) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-10) + - [Dependencies](#dependencies-22) + - [Added](#added-22) + - [Changed](#changed-22) + - [Removed](#removed-22) +# v1.27.16 + + +## Downloads for v1.27.16 + + + +### Source Code + +filename | sha512 hash +-------- | ----------- +[kubernetes.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes.tar.gz) | 0939ac0ac9badaedb600b3f0900c51da29236485f03b7bbb073d62cafc6e672de9218c09ed0089566241dfe273188ef2e11206a93994ff824d213d83f43c63fc +[kubernetes-src.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-src.tar.gz) | fba641f745b5eef6f17e16501025959e570ae88912d79e2e08b4c79d18475430b879f98947d516871407feb297d5dac9b2fbc4ca565d3770c600d9550f3cffac + +### Client Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-darwin-amd64.tar.gz) | 8c4a574dfa1140600c1b74b071aac5f893a609917652793e84cc344aa5b1fc8b9578109953203e6f968183f5b798144efa33cdc36c4a5df58489c8553f508e2f +[kubernetes-client-darwin-arm64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-darwin-arm64.tar.gz) | 6d175b2a884d09ce5a4b645c71200a92df4b2c8ef1a3890f36a672912d1c76e4ed9b159d538fb37892665d44d2314c537bd6ab98b2571330a3d47b516ddf7243 +[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-386.tar.gz) | 8c00094792edccae78abeb697e206a2a6e6d3d335a9d91ef6bf9dfc3b122b36ef9a781420eb08f835eb78b7c3d3768a5eb1426a041375ff4570a34313126c87b +[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-amd64.tar.gz) | 19a757de6428ea418e55d8520b3cfaf4ce8a432dfb923714cfc1411d5f8d5d3b3b1d77819571ddc2c2c6c5e7a37e54bcfe8a062dd86e45c263a01f1cc2f39290 +[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-arm.tar.gz) | de7ae9f784b5aeb68fd6bc85388c2f026a9e369c8ce4e880a1bfd31682e7988d87c9ead970a05100b708dec277de32c358a362b6615f0e17f004e65cd70f947c +[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-arm64.tar.gz) | 3bb8cceb0e47744c7ddb143f3def61c442ac6b3408f0e2d68768a28604eb76d8d03cced58d8c36d2d58d52e2be9008737015ddeeb823fa2ea492b003533b1b3b +[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-ppc64le.tar.gz) | 779db2eb3b9e740c5357c240b1a2b8ca156a6fc3a27e7dc4ebdf58c18a4b1e919622e4a7be708489343d10675fc2d64a49ec5cb282f7e09541dbf7f7dbb6218f +[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-linux-s390x.tar.gz) | 0edcc792305e7f4fc63aead6018866c2f908c583080c4d4065476384bbb71ead01c08a9b3502e506bca3d201fa4ee2f1b8005c1e207acf798c58a698b4484cda +[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-windows-386.tar.gz) | 2250c887fa139cb7411618c210a56f2e65ccf23c516e6d073779547890569577dce3f3bf16b42396dd00a7fa7ecb08c588bbbafc76750856d56da8a903395802 +[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-windows-amd64.tar.gz) | 9291fb5fb48e877d6d03937defb0c52cbe2af2fb762e30475a0849e89f0dc46318ed21a598b3d119f0cfb639ec38b8a7403b82263f7d0d28b634ac3921325c1a +[kubernetes-client-windows-arm64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-client-windows-arm64.tar.gz) | 7f1e08bc17590bfece171a64aee3f34c7f519e7d11acb8b0afc1578bf2168f644ff8b9e57b0b0263f2387af238f3558585b1842f4e1880dc50ce2d7987a52345 + +### Server Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-server-linux-amd64.tar.gz) | cbcb0591a3a84f98cf2c7abe11c5531e7f79850714abdd957be52049afed14031d0ab9c584c2e54775bceedf8833a500148d5d01335474b33cbb8b30b7ce51b3 +[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-server-linux-arm64.tar.gz) | a608c476d32cbab392419095cc24dff36ffe8b75f6d3150b3a7e4351f3b38c67e659692941ce79a0428febab2e7dc0a255af33b4ac0f82465456ea2bf66c7240 +[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-server-linux-ppc64le.tar.gz) | 027ec52d46116616ee4a89584add4d696f0384ef705a9b79b690144fa47109f6dcc9d89aa48ebb64f9aaee9def5174eb7943d879b3dbc643ee64eda9ad0c5772 +[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-server-linux-s390x.tar.gz) | bae6ab6f82c35068f5835866d02c873a1efcb5824022b174d1c19b55cbf10d5b68c5028da0d7dd34aa2308ed6de6c9c78a84d4c31442431d17ce15f0e40ab8e0 + +### Node Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-node-linux-amd64.tar.gz) | 55532060b056be6c499b8d8cb5884827ae9b25d953d03611880264d96c164f3648c662e5b2b653d081242eb407811ecd873637c38ab0678654339a60774b1016 +[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-node-linux-arm64.tar.gz) | c8dea73d480b85ad25f34166b89a095f53cdbf41b5ef83570710421ed444ee9f6a6507d0dbea52a58ffb70b50840cbd9304b149434b0abdf4cbca85b04b3ddde +[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-node-linux-ppc64le.tar.gz) | c7c4f7afa9aa039f9b3d3cf1c290e5f1765af919d0c87a69cf3416fd2051e3dc5d98a961cce3e15e56dc37094731f335d283dc48e3d371667dd7eaddaf5b2755 +[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-node-linux-s390x.tar.gz) | 7aeeddd496b0b5ef4437029a03eb20ee8f3f95fe9cac082ef8ae2d377cfa049d3c0dee702c9b2a646ed79e3ed1ac4f5481fa1f3ff8944b425fef6bf3f1ecdd2f +[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-node-windows-amd64.tar.gz) | 8aa07111a478ee24d79001d93e4d1170b409883824077f9b6d95d49ab584595fdc285d05a71c2537668dcf6639c51ca9f35cc39e6d17a9937ca4862c0184e7ad + +### Container Images + +All container images are available as manifest lists and support the described +architectures. It is also possible to pull a specific architecture directly by +adding the "-$ARCH" suffix to the container image name. + +name | architectures +---- | ------------- +[registry.k8s.io/conformance:v1.27.16](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-s390x) +[registry.k8s.io/kube-apiserver:v1.27.16](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-s390x) +[registry.k8s.io/kube-controller-manager:v1.27.16](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-s390x) +[registry.k8s.io/kube-proxy:v1.27.16](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-s390x) +[registry.k8s.io/kube-scheduler:v1.27.16](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-s390x) + +## Changelog since v1.27.15 + +## Important Security Information + +This release contains changes that address the following vulnerabilities: + +### CVE-2024-5321: Incorrect permissions on Windows containers logs + +A security issue was discovered in Kubernetes clusters with Windows nodes +where BUILTIN\Users may be able to read container logs and NT +AUTHORITY\Authenticated Users may be able to modify container logs. + +**Affected Versions**: + - kubelet <= 1.27.15 + - kubelet <= 1.28.11 + - kubelet <= 1.29.6 + - kubelet <= 1.30.2 + +**Fixed Versions**: + - kubelet 1.27.16 + - kubelet 1.28.12 + - kubelet 1.29.7 + - kubelet 1.30.3 + +This vulnerability was reported by Paulo Gomes @pjbgf from SUSE. + + +**CVSS Rating:** Medium (6.1) [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N) + +## Changes by Kind + +### Feature + +- Kubernetes is now built with go 1.22.4 ([#125701](https://github.com/kubernetes/kubernetes/pull/125701), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] +- Kubernetes is now built with go 1.22.5 ([#125898](https://github.com/kubernetes/kubernetes/pull/125898), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] + +### Bug or Regression + +- NONE ([#126126](https://github.com/kubernetes/kubernetes/pull/126126), [@cji](https://github.com/cji)) [SIG Node and Windows] + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +_Nothing has changed._ + +### Removed +_Nothing has changed._ + + + # v1.27.15