This repository was archived by the owner on Mar 31, 2025. It is now read-only.

chore(deps): update module k8s.io/kubernetes to v1.29.14 [security]#166

Open

renovate[bot] wants to merge 1 commit intomainfrom

renovate/go-k8s.io-kubernetes-vulnerability

Contributor

renovate bot commented Mar 6, 2025 •

edited

Loading

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
k8s.io/kubernetes	indirect	minor	`v1.28.12` -> `v1.29.14`

GitHub Vulnerability Alerts

CVE-2025-0426

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

CVE-2024-9042

A security vulnerability has been discovered in Kubernetes windows nodes that could allow a user with the ability to query a node's '/logs' endpoint to execute arbitrary commands on the host. This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

Release Notes

kubernetes/kubernetes (k8s.io/kubernetes)

`v1.29.14`: Kubernetes v1.29.14

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.13`: Kubernetes v1.29.13

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.12`: Kubernetes v1.29.12

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.11`: Kubernetes v1.29.11

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.10`: Kubernetes v1.29.10

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.9`: Kubernetes v1.29.9

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.8`: Kubernetes v1.29.8

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.7`: Kubernetes v1.29.7

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.6`: Kubernetes v1.29.6

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.5`: Kubernetes v1.29.5

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.4`: Kubernetes v1.29.4

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.3`: Kubernetes v1.29.3

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.2`: Kubernetes v1.29.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.1`: Kubernetes v1.29.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.29.0`: Kubernetes v1.29.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.28.15`: Kubernetes v1.28.15

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.28.14`: Kubernetes v1.28.14

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

`v1.28.13`: Kubernetes v1.28.13

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


          chore(deps): update module k8s.io/kubernetes to v1.29.14 [security]

fb648c4

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

renovate bot added the dependencies label

Contributor Author

renovate bot commented Mar 6, 2025

ℹ Artifact update notice

File name: app/platform/fabric/e2e-test/specs/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`cloud.google.com/go`	`v0.110.4` -> `v0.110.6`
`github.com/fsnotify/fsnotify`	`v1.6.0` -> `v1.7.0`
`google.golang.org/genproto`	`v0.0.0-20230711160842-782d3b101e98` -> `v0.0.0-20230803162519-f966b187b2e5`
`k8s.io/gengo`	`v0.0.0-20220902162205-c0856e24416d` -> `v0.0.0-20230829151522-9cce18d56c01`
`k8s.io/kube-openapi`	`v0.0.0-20230717233707-2695361300d9` -> `v0.0.0-20231010175941-2dd684a91f00`
`k8s.io/utils`	`v0.0.0-20230406110748-d93618cff8a2` -> `v0.0.0-20230726121419-3b25d923346b`

renovate-approve bot approved these changes

View reviewed changes

renovate-approve-2 bot approved these changes

View reviewed changes

sourcery-ai bot commented Mar 6, 2025 •

edited

Loading

Reviewer's Guide by Sourcery

This PR updates the k8s.io/kubernetes module from v1.28.12 to v1.29.14 to address a security vulnerability (CVE-2025-0426) and updates indirect dependencies. The update aims to prevent a potential Node Denial of Service.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Update k8s.io/kubernetes to v1.29.14 to address CVE-2025-0426, a security issue that could lead to Node Denial of Service.	Updated the k8s.io/kubernetes module version from v1.28.12 to v1.29.14. Updated indirect dependencies to align with the new Kubernetes version.	`app/platform/fabric/e2e-test/specs/go.mod` `app/platform/fabric/e2e-test/specs/go.sum`
Update indirect dependencies.	Updated cloud.google.com/go from v0.110.4 to v0.110.6. Updated github.com/fsnotify/fsnotify from v1.6.0 to v1.7.0. Updated google.golang.org/genproto from v0.0.0-20230711160842-782d3b101e98 to v0.0.0-20230803162519-f966b187b2e5. Updated k8s.io/gengo from v0.0.0-20220902162205-c0856e24416d to v0.0.0-20230829151522-9cce18d56c01. Updated k8s.io/kube-openapi from v0.0.0-20230717233707-2695361300d9 to v0.0.0-20231010175941-2dd684a91f00. Updated k8s.io/utils from v0.0.0-20230406110748-d93618cff8a2 to v0.0.0-20230726121419-3b25d923346b.	`app/platform/fabric/e2e-test/specs/go.mod` `app/platform/fabric/e2e-test/specs/go.sum`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!
Generate a plan of action for an issue: Comment @sourcery-ai plan on
an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

sourcery-ai bot reviewed

View reviewed changes

sourcery-ai bot left a comment

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, renovate[bot]!). We assume it knows what it's doing!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels