github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 22:46:12 +00:00
Code Issues Projects Releases Wiki Activity

CHANGELOG: Update directory for v1.25.16 release

Browse Source
This commit is contained in:
Kubernetes Release Robot 2023-11-15 23:08:29 +00:00
parent 94fe1b3b0c
commit c3ff08250e
1 changed files with 287 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

458
CHANGELOG/CHANGELOG-1.25.md
View File

@ -1,254 +1,268 @@
<!-- BEGIN MUNGE: GENERATED_TOC -->
- [v1.25.15](#v12515)
- [Downloads for v1.25.15](#downloads-for-v12515)
- [v1.25.16](#v12516)
- [Downloads for v1.25.16](#downloads-for-v12516)
- [Source Code](#source-code)
- [Client Binaries](#client-binaries)
- [Server Binaries](#server-binaries)
- [Node Binaries](#node-binaries)
- [Container Images](#container-images)
- [Changelog since v1.25.14](#changelog-since-v12514)
- [Changes by Kind](#changes-by-kind)
- [Feature](#feature)
- [Bug or Regression](#bug-or-regression)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake)
- [Changelog since v1.25.15](#changelog-since-v12515)
- [Important Security Information](#important-security-information)
- [CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes](#cve-2023-5528-insufficient-input-sanitization-in-in-tree-storage-plugin-leads-to-privilege-escalation-on-windows-nodes)
- [Dependencies](#dependencies)
- [Added](#added)
- [Changed](#changed)
- [Removed](#removed)
- [v1.25.14](#v12514)
- [Downloads for v1.25.14](#downloads-for-v12514)
- [v1.25.15](#v12515)
- [Downloads for v1.25.15](#downloads-for-v12515)
- [Source Code](#source-code-1)
- [Client Binaries](#client-binaries-1)
- [Server Binaries](#server-binaries-1)
- [Node Binaries](#node-binaries-1)
- [Container Images](#container-images-1)
- [Changelog since v1.25.14](#changelog-since-v12514)
- [Changes by Kind](#changes-by-kind)
- [Feature](#feature)
- [Bug or Regression](#bug-or-regression)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake)
- [Dependencies](#dependencies-1)
- [Added](#added-1)
- [Changed](#changed-1)
- [Removed](#removed-1)
- [v1.25.14](#v12514)
- [Downloads for v1.25.14](#downloads-for-v12514)
- [Source Code](#source-code-2)
- [Client Binaries](#client-binaries-2)
- [Server Binaries](#server-binaries-2)
- [Node Binaries](#node-binaries-2)
- [Container Images](#container-images-2)
- [Changelog since v1.25.13](#changelog-since-v12513)
- [Changes by Kind](#changes-by-kind-1)
- [API Change](#api-change)
- [Feature](#feature-1)
- [Bug or Regression](#bug-or-regression-1)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-1)
- [Dependencies](#dependencies-1)
- [Added](#added-1)
- [Changed](#changed-1)
- [Removed](#removed-1)
- [v1.25.13](#v12513)
- [Downloads for v1.25.13](#downloads-for-v12513)
- [Source Code](#source-code-2)
- [Client Binaries](#client-binaries-2)
- [Server Binaries](#server-binaries-2)
- [Node Binaries](#node-binaries-2)
- [Container Images](#container-images-2)
- [Changelog since v1.25.12](#changelog-since-v12512)
- [Important Security Information](#important-security-information)
- [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
- [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
- [Changes by Kind](#changes-by-kind-2)
- [Feature](#feature-2)
- [Bug or Regression](#bug-or-regression-2)
- [Dependencies](#dependencies-2)
- [Added](#added-2)
- [Changed](#changed-2)
- [Removed](#removed-2)
- [v1.25.12](#v12512)
- [Downloads for v1.25.12](#downloads-for-v12512)
- [v1.25.13](#v12513)
- [Downloads for v1.25.13](#downloads-for-v12513)
- [Source Code](#source-code-3)
- [Client Binaries](#client-binaries-3)
- [Server Binaries](#server-binaries-3)
- [Node Binaries](#node-binaries-3)
- [Container Images](#container-images-3)
- [Changelog since v1.25.11](#changelog-since-v12511)
- [Changes by Kind](#changes-by-kind-3)
- [Feature](#feature-3)
- [Bug or Regression](#bug-or-regression-3)
- [Changelog since v1.25.12](#changelog-since-v12512)
- [Important Security Information](#important-security-information-1)
- [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
- [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
- [Changes by Kind](#changes-by-kind-2)
- [Feature](#feature-2)
- [Bug or Regression](#bug-or-regression-2)
- [Dependencies](#dependencies-3)
- [Added](#added-3)
- [Changed](#changed-3)
- [Removed](#removed-3)
- [v1.25.11](#v12511)
- [Downloads for v1.25.11](#downloads-for-v12511)
- [v1.25.12](#v12512)
- [Downloads for v1.25.12](#downloads-for-v12512)
- [Source Code](#source-code-4)
- [Client Binaries](#client-binaries-4)
- [Server Binaries](#server-binaries-4)
- [Node Binaries](#node-binaries-4)
- [Container Images](#container-images-4)
- [Changelog since v1.25.10](#changelog-since-v12510)
- [Important Security Information](#important-security-information-1)
- [CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2023-2728-bypassing-enforce-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin)
- [Changes by Kind](#changes-by-kind-4)
- [Feature](#feature-4)
- [Bug or Regression](#bug-or-regression-4)
- [Changelog since v1.25.11](#changelog-since-v12511)
- [Changes by Kind](#changes-by-kind-3)
- [Feature](#feature-3)
- [Bug or Regression](#bug-or-regression-3)
- [Dependencies](#dependencies-4)
- [Added](#added-4)
- [Changed](#changed-4)
- [Removed](#removed-4)
- [v1.25.10](#v12510)
- [Downloads for v1.25.10](#downloads-for-v12510)
- [v1.25.11](#v12511)
- [Downloads for v1.25.11](#downloads-for-v12511)
- [Source Code](#source-code-5)
- [Client Binaries](#client-binaries-5)
- [Server Binaries](#server-binaries-5)
- [Node Binaries](#node-binaries-5)
- [Container Images](#container-images-5)
- [Changelog since v1.25.10](#changelog-since-v12510)
- [Important Security Information](#important-security-information-2)
- [CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin](#cve-2023-2728-bypassing-enforce-mountable-secrets-policy-imposed-by-the-serviceaccount-admission-plugin)
- [Changes by Kind](#changes-by-kind-4)
- [Feature](#feature-4)
- [Bug or Regression](#bug-or-regression-4)
- [Dependencies](#dependencies-5)
- [Added](#added-5)
- [Changed](#changed-5)
- [Removed](#removed-5)
- [v1.25.10](#v12510)
- [Downloads for v1.25.10](#downloads-for-v12510)
- [Source Code](#source-code-6)
- [Client Binaries](#client-binaries-6)
- [Server Binaries](#server-binaries-6)
- [Node Binaries](#node-binaries-6)
- [Container Images](#container-images-6)
- [Changelog since v1.25.9](#changelog-since-v1259)
- [Changes by Kind](#changes-by-kind-5)
- [API Change](#api-change-1)
- [Feature](#feature-5)
- [Bug or Regression](#bug-or-regression-5)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-2)
- [Dependencies](#dependencies-5)
- [Added](#added-5)
- [Changed](#changed-5)
- [Removed](#removed-5)
- [v1.25.9](#v1259)
- [Downloads for v1.25.9](#downloads-for-v1259)
- [Source Code](#source-code-6)
- [Client Binaries](#client-binaries-6)
- [Server Binaries](#server-binaries-6)
- [Node Binaries](#node-binaries-6)
- [Container Images](#container-images-6)
- [Changelog since v1.25.8](#changelog-since-v1258)
- [Changes by Kind](#changes-by-kind-6)
- [Feature](#feature-6)
- [Bug or Regression](#bug-or-regression-6)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-3)
- [Dependencies](#dependencies-6)
- [Added](#added-6)
- [Changed](#changed-6)
- [Removed](#removed-6)
- [v1.25.8](#v1258)
- [Downloads for v1.25.8](#downloads-for-v1258)
- [v1.25.9](#v1259)
- [Downloads for v1.25.9](#downloads-for-v1259)
- [Source Code](#source-code-7)
- [Client Binaries](#client-binaries-7)
- [Server Binaries](#server-binaries-7)
- [Node Binaries](#node-binaries-7)
- [Container Images](#container-images-7)
- [Changelog since v1.25.7](#changelog-since-v1257)
- [Changes by Kind](#changes-by-kind-7)
- [Feature](#feature-7)
- [Bug or Regression](#bug-or-regression-7)
- [Changelog since v1.25.8](#changelog-since-v1258)
- [Changes by Kind](#changes-by-kind-6)
- [Feature](#feature-6)
- [Bug or Regression](#bug-or-regression-6)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-3)
- [Dependencies](#dependencies-7)
- [Added](#added-7)
- [Changed](#changed-7)
- [Removed](#removed-7)
- [v1.25.7](#v1257)
- [Downloads for v1.25.7](#downloads-for-v1257)
- [v1.25.8](#v1258)
- [Downloads for v1.25.8](#downloads-for-v1258)
- [Source Code](#source-code-8)
- [Client Binaries](#client-binaries-8)
- [Server Binaries](#server-binaries-8)
- [Node Binaries](#node-binaries-8)
- [Container Images](#container-images-8)
- [Changelog since v1.25.6](#changelog-since-v1256)
- [Changes by Kind](#changes-by-kind-8)
- [Feature](#feature-8)
- [Bug or Regression](#bug-or-regression-8)
- [Changelog since v1.25.7](#changelog-since-v1257)
- [Changes by Kind](#changes-by-kind-7)
- [Feature](#feature-7)
- [Bug or Regression](#bug-or-regression-7)
- [Dependencies](#dependencies-8)
- [Added](#added-8)
- [Changed](#changed-8)
- [Removed](#removed-8)
- [v1.25.6](#v1256)
- [Downloads for v1.25.6](#downloads-for-v1256)
- [v1.25.7](#v1257)
- [Downloads for v1.25.7](#downloads-for-v1257)
- [Source Code](#source-code-9)
- [Client Binaries](#client-binaries-9)
- [Server Binaries](#server-binaries-9)
- [Node Binaries](#node-binaries-9)
- [Container Images](#container-images-9)
- [Changelog since v1.25.5](#changelog-since-v1255)
- [Changes by Kind](#changes-by-kind-9)
- [Feature](#feature-9)
- [Bug or Regression](#bug-or-regression-9)
- [Changelog since v1.25.6](#changelog-since-v1256)
- [Changes by Kind](#changes-by-kind-8)
- [Feature](#feature-8)
- [Bug or Regression](#bug-or-regression-8)
- [Dependencies](#dependencies-9)
- [Added](#added-9)
- [Changed](#changed-9)
- [Removed](#removed-9)
- [v1.25.5](#v1255)
- [Downloads for v1.25.5](#downloads-for-v1255)
- [v1.25.6](#v1256)
- [Downloads for v1.25.6](#downloads-for-v1256)
- [Source Code](#source-code-10)
- [Client Binaries](#client-binaries-10)
- [Server Binaries](#server-binaries-10)
- [Node Binaries](#node-binaries-10)
- [Container Images](#container-images-10)
- [Changelog since v1.25.4](#changelog-since-v1254)
- [Changes by Kind](#changes-by-kind-10)
- [Feature](#feature-10)
- [Bug or Regression](#bug-or-regression-10)
- [Changelog since v1.25.5](#changelog-since-v1255)
- [Changes by Kind](#changes-by-kind-9)
- [Feature](#feature-9)
- [Bug or Regression](#bug-or-regression-9)
- [Dependencies](#dependencies-10)
- [Added](#added-10)
- [Changed](#changed-10)
- [Removed](#removed-10)
- [v1.25.4](#v1254)
- [Downloads for v1.25.4](#downloads-for-v1254)
- [v1.25.5](#v1255)
- [Downloads for v1.25.5](#downloads-for-v1255)
- [Source Code](#source-code-11)
- [Client Binaries](#client-binaries-11)
- [Server Binaries](#server-binaries-11)
- [Node Binaries](#node-binaries-11)
- [Container Images](#container-images-11)
- [Changelog since v1.25.4](#changelog-since-v1254)
- [Changes by Kind](#changes-by-kind-10)
- [Feature](#feature-10)
- [Bug or Regression](#bug-or-regression-10)
- [Dependencies](#dependencies-11)
- [Added](#added-11)
- [Changed](#changed-11)
- [Removed](#removed-11)
- [v1.25.4](#v1254)
- [Downloads for v1.25.4](#downloads-for-v1254)
- [Source Code](#source-code-12)
- [Client Binaries](#client-binaries-12)
- [Server Binaries](#server-binaries-12)
- [Node Binaries](#node-binaries-12)
- [Container Images](#container-images-12)
- [Changelog since v1.25.3](#changelog-since-v1253)
- [Important Security Information](#important-security-information-2)
- [Important Security Information](#important-security-information-3)
- [CVE-2022-3162: Unauthorized read of Custom Resources](#cve-2022-3162-unauthorized-read-of-custom-resources)
- [CVE-2022-3294: Node address isn't always verified when proxying](#cve-2022-3294-node-address-isnt-always-verified-when-proxying)
- [Changes by Kind](#changes-by-kind-11)
- [API Change](#api-change-2)
- [Feature](#feature-11)
- [Bug or Regression](#bug-or-regression-11)
- [Dependencies](#dependencies-11)
- [Added](#added-11)
- [Changed](#changed-11)
- [Removed](#removed-11)
- [v1.25.3](#v1253)
- [Downloads for v1.25.3](#downloads-for-v1253)
- [Source Code](#source-code-12)
- [Client Binaries](#client-binaries-12)
- [Server Binaries](#server-binaries-12)
- [Node Binaries](#node-binaries-12)
- [Container Images](#container-images-12)
- [Changelog since v1.25.2](#changelog-since-v1252)
- [Changes by Kind](#changes-by-kind-12)
- [Feature](#feature-12)
- [Bug or Regression](#bug-or-regression-12)
- [Dependencies](#dependencies-12)
- [Added](#added-12)
- [Changed](#changed-12)
- [Removed](#removed-12)
- [v1.25.2](#v1252)
- [Downloads for v1.25.2](#downloads-for-v1252)
- [v1.25.3](#v1253)
- [Downloads for v1.25.3](#downloads-for-v1253)
- [Source Code](#source-code-13)
- [Client Binaries](#client-binaries-13)
- [Server Binaries](#server-binaries-13)
- [Node Binaries](#node-binaries-13)
- [Container Images](#container-images-13)
- [Changelog since v1.25.1](#changelog-since-v1251)
- [Changes by Kind](#changes-by-kind-13)
- [Bug or Regression](#bug-or-regression-13)
- [Changelog since v1.25.2](#changelog-since-v1252)
- [Changes by Kind](#changes-by-kind-12)
- [Feature](#feature-12)
- [Bug or Regression](#bug-or-regression-12)
- [Dependencies](#dependencies-13)
- [Added](#added-13)
- [Changed](#changed-13)
- [Removed](#removed-13)
- [v1.25.1](#v1251)
- [Downloads for v1.25.1](#downloads-for-v1251)
- [v1.25.2](#v1252)
- [Downloads for v1.25.2](#downloads-for-v1252)
- [Source Code](#source-code-14)
- [Client Binaries](#client-binaries-14)
- [Server Binaries](#server-binaries-14)
- [Node Binaries](#node-binaries-14)
- [Container Images](#container-images-14)
- [Changelog since v1.25.0](#changelog-since-v1250)
- [Important Security Information](#important-security-information-3)
- [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
- [Changes by Kind](#changes-by-kind-14)
- [API Change](#api-change-3)
- [Feature](#feature-13)
- [Bug or Regression](#bug-or-regression-14)
- [Changelog since v1.25.1](#changelog-since-v1251)
- [Changes by Kind](#changes-by-kind-13)
- [Bug or Regression](#bug-or-regression-13)
- [Dependencies](#dependencies-14)
- [Added](#added-14)
- [Changed](#changed-14)
- [Removed](#removed-14)
- [v1.25.0](#v1250)
- [Downloads for v1.25.0](#downloads-for-v1250)
- [v1.25.1](#v1251)
- [Downloads for v1.25.1](#downloads-for-v1251)
- [Source Code](#source-code-15)
- [Client Binaries](#client-binaries-15)
- [Server Binaries](#server-binaries-15)
- [Node Binaries](#node-binaries-15)
- [Container Images](#container-images-15)
- [Changelog since v1.25.0](#changelog-since-v1250)
- [Important Security Information](#important-security-information-4)
- [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
- [Changes by Kind](#changes-by-kind-14)
- [API Change](#api-change-3)
- [Feature](#feature-13)
- [Bug or Regression](#bug-or-regression-14)
- [Dependencies](#dependencies-15)
- [Added](#added-15)
- [Changed](#changed-15)
- [Removed](#removed-15)
- [v1.25.0](#v1250)
- [Downloads for v1.25.0](#downloads-for-v1250)
- [Source Code](#source-code-16)
- [Client Binaries](#client-binaries-16)
- [Server Binaries](#server-binaries-16)
- [Node Binaries](#node-binaries-16)
- [Container Images](#container-images-16)
- [Changelog since v1.24.0](#changelog-since-v1240)
- [What's New (Major Themes)](#whats-new-major-themes)
- [PodSecurityPolicy is Removed, Pod Security Admission graduates to Stable](#podsecuritypolicy-is-removed-pod-security-admission-graduates-to-stable)
@ -277,47 +291,47 @@
- [Failing Test](#failing-test)
- [Bug or Regression](#bug-or-regression-15)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-4)
- [Dependencies](#dependencies-15)
- [Added](#added-15)
- [Changed](#changed-15)
- [Removed](#removed-15)
- [v1.25.0-rc.1](#v1250-rc1)
- [Downloads for v1.25.0-rc.1](#downloads-for-v1250-rc1)
- [Source Code](#source-code-16)
- [Client Binaries](#client-binaries-16)
- [Server Binaries](#server-binaries-16)
- [Node Binaries](#node-binaries-16)
- [Container Images](#container-images-16)
- [Changelog since v1.25.0-rc.0](#changelog-since-v1250-rc0)
- [Changes by Kind](#changes-by-kind-16)
- [Documentation](#documentation-1)
- [Bug or Regression](#bug-or-regression-16)
- [Dependencies](#dependencies-16)
- [Added](#added-16)
- [Changed](#changed-16)
- [Removed](#removed-16)
- [v1.25.0-rc.0](#v1250-rc0)
- [Downloads for v1.25.0-rc.0](#downloads-for-v1250-rc0)
- [v1.25.0-rc.1](#v1250-rc1)
- [Downloads for v1.25.0-rc.1](#downloads-for-v1250-rc1)
- [Source Code](#source-code-17)
- [Client Binaries](#client-binaries-17)
- [Server Binaries](#server-binaries-17)
- [Node Binaries](#node-binaries-17)
- [Container Images](#container-images-17)
- [Changelog since v1.25.0-beta.0](#changelog-since-v1250-beta0)
- [Changes by Kind](#changes-by-kind-17)
- [API Change](#api-change-5)
- [Bug or Regression](#bug-or-regression-17)
- [Changelog since v1.25.0-rc.0](#changelog-since-v1250-rc0)
- [Changes by Kind](#changes-by-kind-16)
- [Documentation](#documentation-1)
- [Bug or Regression](#bug-or-regression-16)
- [Dependencies](#dependencies-17)
- [Added](#added-17)
- [Changed](#changed-17)
- [Removed](#removed-17)
- [v1.25.0-beta.0](#v1250-beta0)
- [Downloads for v1.25.0-beta.0](#downloads-for-v1250-beta0)
- [v1.25.0-rc.0](#v1250-rc0)
- [Downloads for v1.25.0-rc.0](#downloads-for-v1250-rc0)
- [Source Code](#source-code-18)
- [Client Binaries](#client-binaries-18)
- [Server Binaries](#server-binaries-18)
- [Node Binaries](#node-binaries-18)
- [Container Images](#container-images-18)
- [Changelog since v1.25.0-beta.0](#changelog-since-v1250-beta0)
- [Changes by Kind](#changes-by-kind-17)
- [API Change](#api-change-5)
- [Bug or Regression](#bug-or-regression-17)
- [Dependencies](#dependencies-18)
- [Added](#added-18)
- [Changed](#changed-18)
- [Removed](#removed-18)
- [v1.25.0-beta.0](#v1250-beta0)
- [Downloads for v1.25.0-beta.0](#downloads-for-v1250-beta0)
- [Source Code](#source-code-19)
- [Client Binaries](#client-binaries-19)
- [Server Binaries](#server-binaries-19)
- [Node Binaries](#node-binaries-19)
- [Container Images](#container-images-19)
- [Changelog since v1.25.0-alpha.3](#changelog-since-v1250-alpha3)
- [Urgent Upgrade Notes](#urgent-upgrade-notes-1)
- [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade-1)
@ -327,17 +341,17 @@
- [Feature](#feature-15)
- [Bug or Regression](#bug-or-regression-18)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-5)
- [Dependencies](#dependencies-18)
- [Added](#added-18)
- [Changed](#changed-18)
- [Removed](#removed-18)
- [Dependencies](#dependencies-19)
- [Added](#added-19)
- [Changed](#changed-19)
- [Removed](#removed-19)
- [v1.25.0-alpha.3](#v1250-alpha3)
- [Downloads for v1.25.0-alpha.3](#downloads-for-v1250-alpha3)
- [Source Code](#source-code-19)
- [Client Binaries](#client-binaries-19)
- [Server Binaries](#server-binaries-19)
- [Node Binaries](#node-binaries-19)
- [Container Images](#container-images-19)
- [Source Code](#source-code-20)
- [Client Binaries](#client-binaries-20)
- [Server Binaries](#server-binaries-20)
- [Node Binaries](#node-binaries-20)
- [Container Images](#container-images-20)
- [Changelog since v1.25.0-alpha.2](#changelog-since-v1250-alpha2)
- [Urgent Upgrade Notes](#urgent-upgrade-notes-2)
- [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade-2)
@ -348,17 +362,17 @@
- [Documentation](#documentation-2)
- [Bug or Regression](#bug-or-regression-19)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-6)
- [Dependencies](#dependencies-19)
- [Added](#added-19)
- [Changed](#changed-19)
- [Removed](#removed-19)
- [Dependencies](#dependencies-20)
- [Added](#added-20)
- [Changed](#changed-20)
- [Removed](#removed-20)
- [v1.25.0-alpha.2](#v1250-alpha2)
- [Downloads for v1.25.0-alpha.2](#downloads-for-v1250-alpha2)
- [Source Code](#source-code-20)
- [Client Binaries](#client-binaries-20)
- [Server Binaries](#server-binaries-20)
- [Node Binaries](#node-binaries-20)
- [Container Images](#container-images-20)
- [Source Code](#source-code-21)
- [Client Binaries](#client-binaries-21)
- [Server Binaries](#server-binaries-21)
- [Node Binaries](#node-binaries-21)
- [Container Images](#container-images-21)
- [Changelog since v1.25.0-alpha.1](#changelog-since-v1250-alpha1)
- [Changes by Kind](#changes-by-kind-20)
- [API Change](#api-change-8)
@ -366,17 +380,17 @@
- [Documentation](#documentation-3)
- [Bug or Regression](#bug-or-regression-20)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-7)
- [Dependencies](#dependencies-20)
- [Added](#added-20)
- [Changed](#changed-20)
- [Removed](#removed-20)
- [Dependencies](#dependencies-21)
- [Added](#added-21)
- [Changed](#changed-21)
- [Removed](#removed-21)
- [v1.25.0-alpha.1](#v1250-alpha1)
- [Downloads for v1.25.0-alpha.1](#downloads-for-v1250-alpha1)
- [Source Code](#source-code-21)
- [Client Binaries](#client-binaries-21)
- [Server Binaries](#server-binaries-21)
- [Node Binaries](#node-binaries-21)
- [Container Images](#container-images-21)
- [Source Code](#source-code-22)
- [Client Binaries](#client-binaries-22)
- [Server Binaries](#server-binaries-22)
- [Node Binaries](#node-binaries-22)
- [Container Images](#container-images-22)
- [Changelog since v1.24.0](#changelog-since-v1240-1)
- [Urgent Upgrade Notes](#urgent-upgrade-notes-3)
- [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade-3)
@ -387,13 +401,115 @@
- [Failing Test](#failing-test-1)
- [Bug or Regression](#bug-or-regression-21)
- [Other (Cleanup or Flake)](#other-cleanup-or-flake-8)
- [Dependencies](#dependencies-21)
- [Added](#added-21)
- [Changed](#changed-21)
- [Removed](#removed-21)
- [Dependencies](#dependencies-22)
- [Added](#added-22)
- [Changed](#changed-22)
- [Removed](#removed-22)
<!-- END MUNGE: GENERATED_TOC -->
# v1.25.16
## Downloads for v1.25.16
### Source Code
filename | sha512 hash
-------- | -----------
[kubernetes.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes.tar.gz) | 4778dada85b833e9d3a12627fc7641343a1e83391f2e5d525adf7d1dd65d3a6b63945ad11741ea79b2f5a8bf867de49a91c80a0b96fe0cfecd011bb134e6088c
[kubernetes-src.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-src.tar.gz) | 0eeec83adc0fd24bf1cf92de3c93b97b3458d3e91b01147c5218adec3185a70bcd534708de6cd418cc2d05b81263fd933de119a115b304fd3cd1fddf8bfea718
### Client Binaries
filename | sha512 hash
-------- | -----------
[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-darwin-amd64.tar.gz) | 3ed350e314cc287afa5f985b2f350948c6a2b38250d6cda78d5638833f3d2c20ed434a6eef014d1ce8bed9b3fe6f5be1e6a3f0d9b1fb20ba195f5b686b6610a3
[kubernetes-client-darwin-arm64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-darwin-arm64.tar.gz) | 92023e473bd756b5a42e8fcab5609ea81d05c3e0111b70824e1be24cc6f1d712a41dd0ec760afed961c7d2cda41bed1c9cff1c8a30bb5a9b838cd8c01dcf7253
[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-386.tar.gz) | c5430be9d5a50f72c035b727685ff26226f84ea17d99686b874704f356250b10dbd1b74a008b26b75c106a2cb557fb21843cfad8549025840c30798bbde81f51
[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-amd64.tar.gz) | 887be87d9565ccabde80b92988318ee940d3732e07ebc028a57dda61289fa576760806bc8796fa7a8c41509f8379d3491c30dd2c5a13dca7a56d1fc4ece2aa1e
[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-arm.tar.gz) | be9a74664784021c31d5e582b454434219d643ea5311d200f33afec9638ccafb777954ebbb0a04ee472a7f09cbdb4ba151848ec8f9748fc8c00d2fe21b98bccd
[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-arm64.tar.gz) | 3ca77c574061bf0fb6fef2f27ce1e17dfbc6aab22d3929e329922528e1d81775be39fc98de9593535d97475168eff6a6cfc886daa257ece7d3b59180a0a9e58f
[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-ppc64le.tar.gz) | 85114b7fda1598c55fd3c5a8b280915f50963531b85501fac310189059105c014a35e9f5a7c82585f15be91ec4b6151ddc50dffa068ae78879efbf693fcfeeff
[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-linux-s390x.tar.gz) | 9f0cf98f2c20348486d187e8666651f9d7f1947f2ddaddf979ef945cba511ce9d94f37f7aed3e55c8ff22cb48f9b19e01bfbcd5eb1f8ea72f1bbcf67b4f5af32
[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-windows-386.tar.gz) | a77aa92e531f7e0a0e827397fb36d20352abfd9ee35ec3b9f46e8513c40fc06c08f00d0b1ee20b1000d28f1e8467cd93a2578e4239878e491f642a00f5cb6cac
[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-windows-amd64.tar.gz) | 1bc9ca7307f980e7174a09b2d3a3f3c184d620a3e5676456f122335f9b289142668e203b4f079af963f6e8db1cc068d3c1a824709fa4bc62e42c30c191584e4f
[kubernetes-client-windows-arm64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-client-windows-arm64.tar.gz) | 233599accd34db6e98ad3b44a258e8f70b97ce41e453f49d97cff6923ab4f38f5c94757108a77d7830e798475594f2be8478c692beceb9cfd45e4783e3deacf6
### Server Binaries
filename | sha512 hash
-------- | -----------
[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-server-linux-amd64.tar.gz) | 5ca1d195fe4b938b9decae99c842911bc2ea902e55e281eeb986b5da59e64eabfa8de8a443a2dfdea03aed1f8378ab00d33a00babb3034fb879a98c41ad948dd
[kubernetes-server-linux-arm.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-server-linux-arm.tar.gz) | e02da00d2fbd0f661fd1f664a6d28a8674023febf44ffdd8344f4eae063812dae07b663cb5a5e53f75a980fc60672498174ad544d236f9b45adfaf83d7cd373c
[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-server-linux-arm64.tar.gz) | 30bf96c20c8a28e980d04d8c0868ac9c3253bf868a7b2383df4e5e27694c2570adbccc8562a9dac8e07e42f946179b9e0f6bf83b4c12acab285a441e407e9341
[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-server-linux-ppc64le.tar.gz) | 88f166d5b8e94813761a1763b02e76c4b7c7fa163be2cdaf1b86ad6b64556f29a2e2313516960ae7a133c55642e8f7ffb024bf0fa72344845c56049543c5539c
[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-server-linux-s390x.tar.gz) | bffa33638f9fe975d2467733b07a8e19543c890d3ed8c5c3a4b2d8a60c9d46caf0a00a5654463b25a90edde0249ace1450e962b58f9d969e99e1df66b21219ab
### Node Binaries
filename | sha512 hash
-------- | -----------
[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-linux-amd64.tar.gz) | f120b00facb8a03b1e6b2a675878a673ba6faf278c5d8df5ec907b7674ed56cf6489a2d374d2d0603e4f31eccc5d9a452e965fa17ac410f48831264bc8195612
[kubernetes-node-linux-arm.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-linux-arm.tar.gz) | d2a299e40184fd5d6c6de4a1a8a8345cd461330300b8b0f7eda634e2546988929b4318da68a1cc07fcdbc22f599136a37496db559ea49cdd4b98ea143cbef478
[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-linux-arm64.tar.gz) | 46e7b6326b1b2f6da2de9048aea4cc42424e02d7f09086691eb0453d2ce36a45252c0576b19861611d78262c13812281c3e2279862b77274865a405808004750
[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-linux-ppc64le.tar.gz) | 08c4edb1c1b732388dd7d2808129c339bd8652635ffc85a40fc633ee4a5385b3e9e4c4a1a1215b21569341000ac51784167c4cd5b5d6acf91586331388b8f23a
[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-linux-s390x.tar.gz) | f8f24eaa0aa643e49dc6131b61b677d0e672072c38a932cdac04cd07795ef82bf6834ac83381f1c8bd1123746aec2fae86bc5442ad0c21d90d87470f9b7c781b
[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.25.16/kubernetes-node-windows-amd64.tar.gz) | 6a4847456e31e9ecfe33c98b9873e2a81e5eacf5f0dbd4debd25fd6f866cac17d2f163434aa96a50c7dfecb0f68f356654aa76268e0fd56707a0a73ac89d1ee8
### Container Images
All container images are available as manifest lists and support the described
architectures. It is also possible to pull a specific architecture directly by
adding the "-$ARCH" suffix to the container image name.
name | architectures
---- | -------------
[registry.k8s.io/conformance:v1.25.16](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance) | [amd64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance-amd64), [arm](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance-arm), [arm64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance-arm64), [ppc64le](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance-ppc64le), [s390x](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/conformance-s390x)
[registry.k8s.io/kube-apiserver:v1.25.16](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver) | [amd64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver-amd64), [arm](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver-arm), [arm64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver-arm64), [ppc64le](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver-ppc64le), [s390x](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-apiserver-s390x)
[registry.k8s.io/kube-controller-manager:v1.25.16](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager) | [amd64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager-amd64), [arm](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager-arm), [arm64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager-arm64), [ppc64le](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager-ppc64le), [s390x](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-controller-manager-s390x)
[registry.k8s.io/kube-proxy:v1.25.16](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy) | [amd64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy-amd64), [arm](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy-arm), [arm64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy-arm64), [ppc64le](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy-ppc64le), [s390x](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-proxy-s390x)
[registry.k8s.io/kube-scheduler:v1.25.16](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler) | [amd64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler-amd64), [arm](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler-arm), [arm64](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler-arm64), [ppc64le](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler-ppc64le), [s390x](https://console.cloud.google.com/gcr/images/k8s-artifacts-prod/us/kube-scheduler-s390x)
## Changelog since v1.25.15
## Important Security Information
This release contains changes that address the following vulnerabilities:
### CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
**Affected Versions**:
- kubelet >= v1.8.0
**Fixed Versions**:
- kubelet v1.28.4
- kubelet v1.27.8
- kubelet v1.26.11
- kubelet v1.25.16
This vulnerability was reported by Tomer Peled @tomerpeled92"
**CVSS Rating:** High (7.2) [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
## Dependencies
### Added
_Nothing has changed._
### Changed
_Nothing has changed._
### Removed
_Nothing has changed._
# v1.25.15