Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

kubernetes1.32-controller-manager-1.32.9-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: kubernetes1.32-controller-manager Distribution: openSUSE Tumbleweed
Version: 1.32.9 Vendor: openSUSE
Release: 1.1 Build date: Thu Sep 18 15:55:40 2025
Group: System/Management Build host: reproducible
Size: 94846011 Source RPM: kubernetes1.32-1.32.9-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://kubernetes.io/
Summary: Kubernetes controller-manager for container image
This subpackage contains the kube-controller-manager binary for Kubic images

Provides

Requires

License

Apache-2.0

Changelog

* Thu Sep 18 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.9:
    * Fix missing control plane health check timeout
    * Bump images, dependencies and versions to go 1.23.12 and distroless iptables
    * Mask Linux thermal interrupt info in /proc and /sys.
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.12`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.9/build/dependencies.yaml#L117-L119
  - Exclude build for Arch: armv6 armv7, bsc#1188544
  - wrap kubernetes (server- and client-)side components in if/else conditionals, such that:
    On openSUSE build all (no PIE on s390x), elsewhere build only kubectl (no PIE on s390x).
* Thu Aug 14 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.8:
    * do not allow the node to update it's owner reference
    * remove failing test that depends on expired credential, remove credential, add TODOs
    * Bump images, dependencies and versions to go 1.23.11 and distroless iptables
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.11`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.8/build/dependencies.yaml#L117-L119
* Thu Jul 17 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.7:
    * Use per-policy marker names for VAP integration tests.
    * Fix validation for Job with suspend=true,completions=0 to set Complete condition
    * Add check to see if promote worked within the retry loop
    * Clean backoff record earlier
    * fix(kubelet): acquire imageRecordsLock when removing image
* Sat Jun 21 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.6:
    * Bump images, dependencies and versions to go 1.23.10 and distroless iptables
    * Remove warning about resizing failed for unknown reason
    * Add tests that validate the return value of resize operation
    * DRA node: reject static pods which reference ResourceClaims
    * pkg/kubelet/userns: Remove skip on windows
    * pkg/kubelet/userns: Wrap error to get mappings
    * pkg/kubelet/userns: Provide stub implementation for windows
    * pkg/kubelet: Fix userns tests on Windows
    * Revert "Enforce the Minimum Kernel Version 6.3 for UserNamespacesSupport feature"
    * Revert "Switch hard error to a WARNING for kernel version check"
    * userns: Wrap more errors
    * userns: Improve error returned if userns is not supported
    * userns: Use len to handle empty non-nil slices
    * Update hnslib version in Windows KubeProxy
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.10`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.6/build/dependencies.yaml#L117-L119
* Tue Jun 10 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - add patch file: cve-2025-22872-x-net-html-properly-handle-trailing-solidus.patch
    * fixes CVE-2025-22872, bsc#1241781
    * Ref: https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9
* Mon May 19 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.5:
    * Bump images, dependencies and versions
    * Handle unsupported node expansion for RWX volumes
    * Manually adding fix for failing pull-kubernetes-typecheck tests which had dependency with this commit: https://github.com/kubernetes/kubernetes/commit/61863035803cc105619925a0fa23a779a9578bd4
    * Mark NodeExpansion finsihed without featuregate check
    * Also change final status by removing featuregate check
    * Check for newer fields when deciding expansion recovery feature status
    * Fix for HNS local endpoint was being deleted instead of the remote endpoint.
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.8`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.5/build/dependencies.yaml#L117-L119
* Wed Apr 23 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.4:
    * Fix race for sending errors in watch
    * CHANGELOG-1.32: fix release note about kubeadm upgrade phases
    * Fix implementation of ContainsCIDR to allow non-equal addresses
    * fix handle terminating pvc when kubelet rebuild dsw
    * add e2e test to reproduce unexpected unmount after kubelet is restarted
* Tue Mar 25 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - CVE-2025-1767: GitRepo Volume Inadvertent Local Repository Access, bsc#1239643
    * TL;DR: Please refer to the github issue for details on detecting and mitigating the CVE, if impacted:
    https://github.com/kubernetes/kubernetes/issues/130786
    * ***Important note to users and administrators****
    * How do I mitigate this vulnerability?
    To mitigate this vulnerability, you must use an init container to perform git clone operation and then mount the directory into the Pod's container. An example of this approach is provided here: https://gist.github.com/tallclair/849601a16cebeee581ef2be50c351841
    Note: You can also restrict the use of gitRepo volumes in your cluster using policies such as ValidatingAdmissionPolicy or through Restricted pod security standard policy. You can use the following Common Expression Language (CEL) expression as part of a policy to reject use of gitRepo volumes:
    `has(object.spec.volumes) || !object.spec.volumes.exists(v, has(v.gitRepo))`
    * Detection:
    To detect whether this vulnerability has been exploited, you can use the following command to list all pods that use the in-tree gitRepo volume and clones to a .git subdirectory.
    ```
    kubectl get pods --all-namespaces -o json | jq '.items[] | select(.spec.volumes[].gitRepo.repository | test("^/")) | {name: .metadata.name, namespace: .metadata.namespace, repository: (.spec.volumes[] | select(.gitRepo) | .gitRepo.repository)}'
    ```
    Please plan and consider migrating to Kubernetes v1.33 (~ Release Date: April 23, 2025).
    Since starting v1.33, the impacted gitRepo volume plugin will be disabled by default.
    Refer: https://github.com/kubernetes/kubernetes/pull/129923
    No prior Kubernetes versions (v1.29 - v1.32), will receive any backport fixe patches for this CVE, since there isn't a fully non-code-breaking patch available.
* Wed Mar 12 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.3:
    * Add the feature gate `OrderedNamespaceDeletion` for apiserver
    * conntrack reconciler must check the dst port
    * fix(pod/util): typos in getting pod validation options
    * Add ControllerRoles Test
    * Fix Fixture Data
    * Add Watch to controller roles
    * Generate register files for all examples
    * add simpletype pkg in v1 for register-gen test
    * Add codegen::register to hack/update-codegen.sh
    * Add missing imports in register-gen
    * Revert "Add random interval to nodeStatusReport interval every time after an actual node status change"
    * Remove the feature-gate check before populating serverRunOptions.Flagz
    * test: Add emulated-version flag verification in flagz test
    * fix: flagz endpoint to return parsed flags value
    * kubeadm: fix panic when no UpgradeConfiguration was found in the config file
    * proxy: should add PingPeriod for websocket translator
    * Honor KUBE_HACK_TOOLS_GOTOOLCHAIN
    * Deflake the PodReplacementPolicyFeatureToggling Job integration test
    * Limit ResourceQuota LIST requests to times when informer is not synced
    * kubelet: fix DRA registration test
    * Fix the flaky Job test: TestSuccessPolicy_ReEnabling
    * bump netlink
    * DRA CEL: skip estimating the cost in the scheduler
    * DRA CEL: add missing size estimator
* Tue Feb 18 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.2:
    * Bump images, dependencies and versions to go 1.23.6 and distroless iptables
    * Disable ServiceAccountNodeAudienceRestriction feature gate by default in v1.32
    * Kubelet server handler cleanup
    * Fix the remaining flaky integration tests in Job controller
    * WIP: fix the flaky Job integration tests
    * kubeadm: use the v1beta4 EtcdAPICall timeout for etcd calls
    * hack: backport apidiff.sh
    * Fix: touch /dev/null permission denied on macos
    * Added check for multipath device mapper
    * Fix Portworx plugin's CSI translation to copy secret name & namespace
    * We still can't rely on first condition being fs-expansion pending condition
    * Bump CSI sidecars to fix CI issues and such
    * kubeadm: remove misplaced error during image pull
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.6`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.2/build/dependencies.yaml#L117-L119
  - version 1.32.2 contain fix for CVE-2025-0426, bsc#1237189
    * Refer changelog for more information:
      https://github.com/kubernetes/kubernetes/blob/v1.32.2/CHANGELOG/CHANGELOG-1.32.md#important-security-information
* Thu Jan 16 2025 Priyanka Saggu <priyanka.saggu@suse.com>
  - Update to version 1.32.1:
    * kubelet: use env vars in node log query PS command
    * DRA e2e: adapt to increased ReservedFor limit
    * DRA API: bump maximum size of ReservedFor to 256
    * Add watch permission to namespace-controller for WatchListClient feature
    * webhook: alter regex to account for x509sha1 GODEBUG removal
    * kubeadm: fix a bug where the node.skipPhases in UpgradeNodeConfiguration is not respected by 'kubeadm upgrade node'
    * kubeadm: skip disabled addons in clusterconfig on upgrade
    * Bump images, dependencies and versions to go 1.23.4 and distroless iptables
    * Do not attempt to truncate revision history if revisionHistoryLimit is negative
    * fetch cni plugins from GitHub releases
    * Fix volume expansion offline
    * prevent unnecessary resolving of iscsi/fc devices to dm
    * Isolate mock signer for externaljwt tests
  - Update .spec file to bump go version build requirements:
    * `BuildRequires:  go >= 1.23.4`
    * ref: https://github.com/kubernetes/kubernetes/blob/v1.32.1/build/dependencies.yaml#L117-L119
* Thu Dec 19 2024 Priyanka Saggu <priyanka.saggu@suse.com>
  - initial package for Kubernetes v1.32.0
    * Full changelog - https://github.com/kubernetes/kubernetes/blob/v1.32.0/CHANGELOG/CHANGELOG-1.32.md

Files

/usr/bin/kube-controller-manager
/usr/share/doc/packages/kubernetes1.32-controller-manager
/usr/share/doc/packages/kubernetes1.32-controller-manager/CONTRIBUTING.md
/usr/share/doc/packages/kubernetes1.32-controller-manager/README.md
/usr/share/licenses/kubernetes1.32-controller-manager
/usr/share/licenses/kubernetes1.32-controller-manager/LICENSE
/usr/share/man/man1/kube-controller-manager.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Oct 25 22:33:49 2025