# 4.13.38 Created: 2024-03-21 09:46:05 +0000 UTC Image Digest: `sha256:db7a6fad1d56cf391159d252daabbb44178132081e077ae290317b91633fb1db` Promoted from registry.ci.openshift.org/ocp/release:4.13.0-0.nightly-2024-03-20-130748 ## Changes from 4.13.1 ### Components * Kubernetes upgraded from 1.26.3 to 1.26.14 * Red Hat Enterprise Linux CoreOS upgraded from 413.92.202305231734-0 to 413.92.202403200554-0 ### Rebuilt images without code change * [alibaba-machine-controllers](https://github.com/openshift/cluster-api-provider-alibaba) git [4c0f96a6](https://github.com/openshift/cluster-api-provider-alibaba/commit/4c0f96a692dee91100d7085c05a68f3efb7e281d) `sha256:39ba1487177092db6886c2038f76513b0ffcd2803615c82f6189973546b9444f` * [cluster-bootstrap](https://github.com/openshift/cluster-bootstrap) git [ee908b6b](https://github.com/openshift/cluster-bootstrap/commit/ee908b6bb91dee3e61aface46d53a00b4e9288a2) `sha256:347fbbb93e64f1899a389954b8484bc3f494cf663b2b8f1a35c76ad592c4f7d8` * [configmap-reloader](https://github.com/openshift/configmap-reload) git [9adad592](https://github.com/openshift/configmap-reload/commit/9adad592e7d9bd5a723add16488e68365a64977f) `sha256:c579d9d2b223deeb88ae968409f64a635e519f23c25932b75845e06a0ca0ef8c` * [csi-driver-nfs](https://github.com/openshift/csi-driver-nfs) git [2b914c21](https://github.com/openshift/csi-driver-nfs/commit/2b914c2161722ebf11f9275fa29e00a0b1306da1) `sha256:2d37b5eed520a27fe3db4023afbab6215ee3c04b69ad4e7787833b132537e2f3` * [driver-toolkit](https://github.com/openshift/driver-toolkit) git [d719bdcf](https://github.com/openshift/driver-toolkit/commit/d719bdcfa49bc18b729117ee513a86a1ddecb63a) `sha256:fa20bf3ddb18510902575e7481bc1e6879fb38548d73507f6fc3a211dff6484c` * [kube-storage-version-migrator](https://github.com/openshift/kubernetes-kube-storage-version-migrator) git [bad104d1](https://github.com/openshift/kubernetes-kube-storage-version-migrator/commit/bad104d13ba95bc850f5aaf96436f793d7985864) `sha256:b4d2d503d7de2c89033e440b99ec916da0d196004ead21b3588038d8df262966` * [kubevirt-cloud-controller-manager](https://github.com/openshift/cloud-provider-kubevirt) git [ee2033ec](https://github.com/openshift/cloud-provider-kubevirt/commit/ee2033ecd471dc9fc08d101c421a04916f4f55c5) `sha256:3a988a16d62d4769a0ca97f87531ad2b6d1cff12ce8f9667a19ef7e9503ec5a2` * [kubevirt-csi-driver](https://github.com/openshift/kubevirt-csi-driver) git [efa0b943](https://github.com/openshift/kubevirt-csi-driver/commit/efa0b9432bf0f44a965dc978ada75ea9b0f3e511) `sha256:d8fdf1b997c4f0bfb4106c5184e314ad780e3bd3b73bff35b537600a27ac7857` * machine-os-content `sha256:6d96a6fbf8fdd9822a5fb43cdbfe3e84c5bf11b3842c00d409edc8cc0161abd8` * [machine-os-images](https://github.com/openshift/machine-os-images) git [b14856ff](https://github.com/openshift/machine-os-images/commit/b14856ffbc8fbe1f986cf1b7b835bbeaa786ce5e) `sha256:86b75b08e4520d01d4eea3ae1d064f8490743507a422fdfd70f7f10430fd550a` * [nutanix-cloud-controller-manager](https://github.com/openshift/cloud-provider-nutanix) git [4d1c58e2](https://github.com/openshift/cloud-provider-nutanix/commit/4d1c58e2b97f00e64ab4332d18dfdd531fb9cc4e) `sha256:d257fe2cd7d7d5cf390eaa1a5c9f6cbadc1d32d03ea20e64c2716fee69dd31c2` * [ovirt-machine-controllers](https://github.com/openshift/cluster-api-provider-ovirt) git [22d89b3f](https://github.com/openshift/cluster-api-provider-ovirt/commit/22d89b3fd9e2e395a62f71092487d26c8940052e) `sha256:62b5253f1faf04aaad0de7b0d0f58416b7f7c5fc5f75a0e4c2b3d66b927632b2` * [prom-label-proxy](https://github.com/openshift/prom-label-proxy) git [b501d5e2](https://github.com/openshift/prom-label-proxy/commit/b501d5e2aff82d46a141223636b522aeae95b915) `sha256:5633fc0acbae129d8d43a9485dd0496a7254abf308ddf02f30ca421e29e7b1c9` * rhel-coreos `sha256:128f0dc5b4f42344ec1220cee05c087936e8864f84dc9cb9786c4df55824d2c5` * rhel-coreos-extensions `sha256:15ee3a97ba183e7f7b1211348a73a3f625e307143519fe2a19916441b6120d6d` ### [agent-installer-api-server](https://github.com/openshift/assisted-service/tree/06189bcdb0bea068f8ac51a3550fcdcbde522a76) * [MGMT-15150](https://issues.redhat.com/browse/MGMT-15150): Use same installer binary for all platform types (#5346) [#5346](https://github.com/openshift/assisted-service/pull/5346) * [MGMT-13947](https://issues.redhat.com/browse/MGMT-13947): Revert assisted boot reporter service (#5292) [#5292](https://github.com/openshift/assisted-service/pull/5292) * [Full changelog](https://github.com/openshift/assisted-service/compare/8db33dbd81fe23f2a7f2ec69231b23015e2ae53b...06189bcdb0bea068f8ac51a3550fcdcbde522a76) ### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/edf25423e34294b754ac16a67dbaf1aed7467ca4) * [MGMT-13586](https://issues.redhat.com/browse/MGMT-13586): Wait for ETCD Bootstrap to complete (#670) (#717) [#670](https://github.com/openshift/assisted-installer/pull/670) * [Full changelog](https://github.com/openshift/assisted-installer/compare/6160d18379195ac3f65ab3898429936a95522fd0...edf25423e34294b754ac16a67dbaf1aed7467ca4) ### [agent-installer-node-agent](https://github.com/openshift/assisted-installer-agent/tree/c5611048e36de8c7c917451fa8e4fb3f1edb8b6a) * [MGMT-13111](https://issues.redhat.com/browse/MGMT-13111): Freeze on `404 Not Found` (#628) [#628](https://github.com/openshift/assisted-installer-agent/pull/628) * [OCPBUGS-16373](https://issues.redhat.com/browse/OCPBUGS-16373): Ignore arping errors on RHEL 9 (#577) [#577](https://github.com/openshift/assisted-installer-agent/pull/577) * [MGMT-15661](https://issues.redhat.com/browse/MGMT-15661): Update to latest ghw version (#594) (#596) [#594](https://github.com/openshift/assisted-installer-agent/pull/594) * [OCPBUGS-15557](https://issues.redhat.com/browse/OCPBUGS-15557): vendor agent-installer-utils to v0.0.0-20230707155933-79b142ede77d (#565) [#565](https://github.com/openshift/assisted-installer-agent/pull/565) * [OCPBUGS-14848](https://issues.redhat.com/browse/OCPBUGS-14848): Filter out hidden devices (#559) [#559](https://github.com/openshift/assisted-installer-agent/pull/559) * [Full changelog](https://github.com/openshift/assisted-installer-agent/compare/e8de0582db56699d32653df02241c4a104755e1b...c5611048e36de8c7c917451fa8e4fb3f1edb8b6a) ### [alibaba-cloud-controller-manager](https://github.com/openshift/cloud-provider-alibaba-cloud/tree/e41e11ccf25fa74e4cfb4ace124f35cffc0191a7) * [OCPBUGS-21238](https://issues.redhat.com/browse/OCPBUGS-21238): Bump golang.org/x/net to v0.19.0 [#43](https://github.com/openshift/cloud-provider-alibaba-cloud/pull/43) * [Full changelog](https://github.com/openshift/cloud-provider-alibaba-cloud/compare/b5200baa784513b77437809c63fcc80cfd53c9df...e41e11ccf25fa74e4cfb4ace124f35cffc0191a7) ### [alibaba-cloud-csi-driver](https://github.com/openshift/alibaba-cloud-csi-driver/tree/6384f904d041b761670532ac183271b8110707f2) * [OCPBUGS-21329](https://issues.redhat.com/browse/OCPBUGS-21329): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#37](https://github.com/openshift/alibaba-cloud-csi-driver/pull/37) * [OCPBUGS-16377](https://issues.redhat.com/browse/OCPBUGS-16377): [release-4.13] UPSTREAM: 763: Bump (golang.org/x/net): to address CVE-2022-41723 [#31](https://github.com/openshift/alibaba-cloud-csi-driver/pull/31) * [Full changelog](https://github.com/openshift/alibaba-cloud-csi-driver/compare/68c0ecfcdcfaa375450f0af1b7f8c6083e3f122f...6384f904d041b761670532ac183271b8110707f2) ### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/7e415973dda671d82ae58d0107af274ff053db5c) * [OCPBUGS-21428](https://issues.redhat.com/browse/OCPBUGS-21428): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#65](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/65) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#55](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/55) * [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/0f4b92ab502068edc6cad4c0d070f44c06842092...7e415973dda671d82ae58d0107af274ff053db5c) ### [apiserver-network-proxy](https://github.com/openshift/apiserver-network-proxy/tree/3362d673b054807a4974b4d600486933f7e0bd42) * [HOSTEDCP-1323](https://issues.redhat.com/browse/HOSTEDCP-1323): Merge latest code into 4.14 branch [#45](https://github.com/openshift/apiserver-network-proxy/pull/45) * [OCPBUGS-10187](https://issues.redhat.com/browse/OCPBUGS-10187): Updating ose-apiserver-network-proxy images to be consistent with ART [#30](https://github.com/openshift/apiserver-network-proxy/pull/30) * [Full changelog](https://github.com/openshift/apiserver-network-proxy/compare/61e198ca00b9426e2f7309cf2818ac74426486ff...3362d673b054807a4974b4d600486933f7e0bd42) ### [aws-cloud-controller-manager](https://github.com/openshift/cloud-provider-aws/tree/f116a0dda271dfde3c14269047967b3ead1ee94e) * [OCPBUGS-27964](https://issues.redhat.com/browse/OCPBUGS-27964): bump go.opentelemetry.io [#72](https://github.com/openshift/cloud-provider-aws/pull/72) * [OCPBUGS-20738](https://issues.redhat.com/browse/OCPBUGS-20738): Update golang.org/x/net to v0.17.0 [#54](https://github.com/openshift/cloud-provider-aws/pull/54) * [Full changelog](https://github.com/openshift/cloud-provider-aws/compare/946daa07dbf49c4a1860a1c3fc4c05fa685c6590...f116a0dda271dfde3c14269047967b3ead1ee94e) ### [aws-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-aws/tree/de23838384b0859542041395fd84100efee34833) * [OCPBUGS-20836](https://issues.redhat.com/browse/OCPBUGS-20836): bump golang.org/x/net to v0.17.0 [#482](https://github.com/openshift/cluster-api-provider-aws/pull/482) * [OCPBUGS-15512](https://issues.redhat.com/browse/OCPBUGS-15512): Pass right SGs for IsExternallyManaged on creation [#468](https://github.com/openshift/cluster-api-provider-aws/pull/468) * [Full changelog](https://github.com/openshift/cluster-api-provider-aws/compare/4251ed32deecad37706c6b90ecb187882386609a...de23838384b0859542041395fd84100efee34833) ### [aws-ebs-csi-driver](https://github.com/openshift/aws-ebs-csi-driver/tree/325cb029f5dac51e4efabe89a62315af134cad8d) * [OCPBUGS-20939](https://issues.redhat.com/browse/OCPBUGS-20939): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#240](https://github.com/openshift/aws-ebs-csi-driver/pull/240) * [OCPBUGS-13811](https://issues.redhat.com/browse/OCPBUGS-13811): Volume unmount repeats after successful unmount, preventing pod delete [#225](https://github.com/openshift/aws-ebs-csi-driver/pull/225) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver/compare/d8fa531075bd9e3da26a58e05fc906bc84e2625e...325cb029f5dac51e4efabe89a62315af134cad8d) ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/3cb879a801f54ecc5d03c7404deba7ca25bb5af5) * [OCPBUGS-21034](https://issues.redhat.com/browse/OCPBUGS-21034): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#281](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/281) * [OCPBUGS-13036](https://issues.redhat.com/browse/OCPBUGS-13036): 4.13: Bump (golang.org/x/net): to address CVE-2022-41723 [#220](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/220) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/b6dee5c3585cbc92967530cb178a09a52164bfde...3cb879a801f54ecc5d03c7404deba7ca25bb5af5) ### [aws-machine-controllers](https://github.com/openshift/machine-api-provider-aws/tree/e1a57b5e4ce731e8f90cd2c0d4ded81e40fa7a37) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#96](https://github.com/openshift/machine-api-provider-aws/pull/96) * [OCPBUGS-21568](https://issues.redhat.com/browse/OCPBUGS-21568): Update golang.org/x/net to v0.17.0 [#89](https://github.com/openshift/machine-api-provider-aws/pull/89) * [Full changelog](https://github.com/openshift/machine-api-provider-aws/compare/ba3b3a31ca9efcc984015280965a4b28ffd740e0...e1a57b5e4ce731e8f90cd2c0d4ded81e40fa7a37) ### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/06140aba64cbaca89af882d1a658e318063fb928) * [OCPBUGS-21331](https://issues.redhat.com/browse/OCPBUGS-21331): Upgrade golang/x/net for CVE-2023-39325 [#184](https://github.com/openshift/aws-pod-identity-webhook/pull/184) * NO-ISSUE: Sync OWNERS with team members [#177](https://github.com/openshift/aws-pod-identity-webhook/pull/177) * snyk: exclude vendor/ [#172](https://github.com/openshift/aws-pod-identity-webhook/pull/172) * [OCPBUGS-12555](https://issues.redhat.com/browse/OCPBUGS-12555): Update builder to OCP4.13/go1.19 [#164](https://github.com/openshift/aws-pod-identity-webhook/pull/164) * [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/4969655df4169f19092e173b16c56c79d3a3383e...06140aba64cbaca89af882d1a658e318063fb928) ### [azure-cloud-controller-manager, azure-cloud-node-manager](https://github.com/openshift/cloud-provider-azure/tree/bf9bd02236e13c426d58c9828685dd6c598ff15f) * [OCPBUGS-21419](https://issues.redhat.com/browse/OCPBUGS-21419): Bump golang.org/x/net to v0.18.0 [#94](https://github.com/openshift/cloud-provider-azure/pull/94) * [OCPBUGS-17145](https://issues.redhat.com/browse/OCPBUGS-17145): Increase service idle max timeout to 100 minutes [#81](https://github.com/openshift/cloud-provider-azure/pull/81) * [OCPBUGS-13952](https://issues.redhat.com/browse/OCPBUGS-13952): Update x/net package to v0.8.0 [#68](https://github.com/openshift/cloud-provider-azure/pull/68) * [Full changelog](https://github.com/openshift/cloud-provider-azure/compare/7afcf26e2e9190337134e75e0981d25d05dc16c8...bf9bd02236e13c426d58c9828685dd6c598ff15f) ### [azure-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-azure/tree/aa3b650ee93e7cb92556cf2e917074011578c040) * [OCPBUGS-21503](https://issues.redhat.com/browse/OCPBUGS-21503): bump golang.org/x/net to v0.17.0 [#288](https://github.com/openshift/cluster-api-provider-azure/pull/288) * [OCPBUGS-12557](https://issues.redhat.com/browse/OCPBUGS-12557): Bump x/net package to v0.10.0 [#278](https://github.com/openshift/cluster-api-provider-azure/pull/278) * [Full changelog](https://github.com/openshift/cluster-api-provider-azure/compare/9885d4d37ed74d764eb83a826f3a7b013ed83d12...aa3b650ee93e7cb92556cf2e917074011578c040) ### [azure-disk-csi-driver](https://github.com/openshift/azure-disk-csi-driver/tree/b6d3fbcbf312f03247092323a88a43873b693f22) * [OCPBUGS-23216](https://issues.redhat.com/browse/OCPBUGS-23216): Update to v1.26.7 [#63](https://github.com/openshift/azure-disk-csi-driver/pull/63) * [OCPBUGS-20688](https://issues.redhat.com/browse/OCPBUGS-20688): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#55](https://github.com/openshift/azure-disk-csi-driver/pull/55) * [OCPBUGS-16318](https://issues.redhat.com/browse/OCPBUGS-16318): 4.13: UPSTREAM: 1744: fix: CVE-2022-41723 [#44](https://github.com/openshift/azure-disk-csi-driver/pull/44) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver/compare/202e8afa8f1899d4cd1843d9e09cf8832ae0eff7...b6d3fbcbf312f03247092323a88a43873b693f22) ### [azure-disk-csi-driver-operator](https://github.com/openshift/azure-disk-csi-driver-operator/tree/8534d7563e209e12eec38a2027cd1d9efd530071) * [OCPBUGS-20766](https://issues.redhat.com/browse/OCPBUGS-20766): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#102](https://github.com/openshift/azure-disk-csi-driver-operator/pull/102) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#86](https://github.com/openshift/azure-disk-csi-driver-operator/pull/86) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver-operator/compare/67bda47232a73fe3877815d7901353f4f74ebeb0...8534d7563e209e12eec38a2027cd1d9efd530071) ### [azure-file-csi-driver](https://github.com/openshift/azure-file-csi-driver/tree/33d52ecd52b09ba3ab431ce2e2850262a88c2282) * [OCPBUGS-20862](https://issues.redhat.com/browse/OCPBUGS-20862): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#38](https://github.com/openshift/azure-file-csi-driver/pull/38) * [OCPBUGS-16321](https://issues.redhat.com/browse/OCPBUGS-16321): 4.13: UPSTREAM: 1211: fix: CVE-2022-41723 [#30](https://github.com/openshift/azure-file-csi-driver/pull/30) * [Full changelog](https://github.com/openshift/azure-file-csi-driver/compare/fd94a035e3d9dedce048f7e5f271e7ed6bea822f...33d52ecd52b09ba3ab431ce2e2850262a88c2282) ### [azure-file-csi-driver-operator](https://github.com/openshift/azure-file-csi-driver-operator/tree/70e0530255150e513061730f7624c9c235ee7c38) * [OCPBUGS-20964](https://issues.redhat.com/browse/OCPBUGS-20964): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#77](https://github.com/openshift/azure-file-csi-driver-operator/pull/77) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#67](https://github.com/openshift/azure-file-csi-driver-operator/pull/67) * [Full changelog](https://github.com/openshift/azure-file-csi-driver-operator/compare/994c32c927a69df33f83aed440cc150e8d270341...70e0530255150e513061730f7624c9c235ee7c38) ### [azure-machine-controllers](https://github.com/openshift/machine-api-provider-azure/tree/62f6e0f3091262a84e1d6240e2086f35635b5b5b) * [OCPBUGS-29906](https://issues.redhat.com/browse/OCPBUGS-29906): Don't create availability set when using spot instances [#104](https://github.com/openshift/machine-api-provider-azure/pull/104) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#89](https://github.com/openshift/machine-api-provider-azure/pull/89) * [OCPBUGS-20758](https://issues.redhat.com/browse/OCPBUGS-20758): Bump x/net package to v0.18.0 [#83](https://github.com/openshift/machine-api-provider-azure/pull/83) * [Full changelog](https://github.com/openshift/machine-api-provider-azure/compare/2c0c0ec9d486f737044033f5010a91e117c4e492...62f6e0f3091262a84e1d6240e2086f35635b5b5b) ### [baremetal-installer, installer, installer-artifacts](https://github.com/openshift/installer/tree/d334d540ab3d5f4ec3344b5ded7c454509c3639d) * [OCPBUGS-30629](https://issues.redhat.com/browse/OCPBUGS-30629): baremetal: populate customDeploy in advance [#8129](https://github.com/openshift/installer/pull/8129) * [OCPBUGS-29627](https://issues.redhat.com/browse/OCPBUGS-29627): update RHCOS 4.13 bootimage metadata to 413.92.202402131523-0 [#8038](https://github.com/openshift/installer/pull/8038) * [OCPBUGS-30000](https://issues.redhat.com/browse/OCPBUGS-30000): [release-4.13] Bump containerd for vulnerability fix [#8073](https://github.com/openshift/installer/pull/8073) * [OCPBUGS-28654](https://issues.redhat.com/browse/OCPBUGS-28654): Fix depreciated typo [#7963](https://github.com/openshift/installer/pull/7963) * [OCPBUGS-27453](https://issues.redhat.com/browse/OCPBUGS-27453): baremetal: correct external_http_url for v6-only BMCs [#7934](https://github.com/openshift/installer/pull/7934) * [OCPBUGS-23499](https://issues.redhat.com/browse/OCPBUGS-23499): update RHCOS 4.13 bootimage metadata to 413.92.202401100947-0 [#7920](https://github.com/openshift/installer/pull/7920) * [OCPBUGS-25420](https://issues.redhat.com/browse/OCPBUGS-25420): destroy: gcp: fix destroying regional disks [#7840](https://github.com/openshift/installer/pull/7840) * [OCPBUGS-23464](https://issues.redhat.com/browse/OCPBUGS-23464): Add KMS encryption keys if provided [#7746](https://github.com/openshift/installer/pull/7746) * [OCPBUGS-23141](https://issues.redhat.com/browse/OCPBUGS-23141): Specify google cloud CLI to version 447.0.0 [#7706](https://github.com/openshift/installer/pull/7706) * [OCPBUGS-22939](https://issues.redhat.com/browse/OCPBUGS-22939): azure: validation: validate defaultMachinePlatform [#7679](https://github.com/openshift/installer/pull/7679) * [OCPBUGS-14551](https://issues.redhat.com/browse/OCPBUGS-14551): [vSphere] Upi installation failed due to VMs for master and worker node creation failed [#7229](https://github.com/openshift/installer/pull/7229) * [OCPBUGS-19307](https://issues.redhat.com/browse/OCPBUGS-19307): Implement workaround to allow SNO installations for OKD/FCOS [#7480](https://github.com/openshift/installer/pull/7480) * [OCPBUGS-18787](https://issues.redhat.com/browse/OCPBUGS-18787): vSphere set bootstrap/master efi [#7481](https://github.com/openshift/installer/pull/7481) * [OCPBUGS-19320](https://issues.redhat.com/browse/OCPBUGS-19320): [release-4.13] for vsphere ipi add cluster domain to the uploaded vm configs so that… [#7498](https://github.com/openshift/installer/pull/7498) * [OCPBUGS-20141](https://issues.redhat.com/browse/OCPBUGS-20141): [release-4.13] Use updated ansible-core for Openstack image [#7559](https://github.com/openshift/installer/pull/7559) * [OCPBUGS-19670](https://issues.redhat.com/browse/OCPBUGS-19670): [release-4.13] Allow different service account for xpn installs in gcp [#7524](https://github.com/openshift/installer/pull/7524) * [OCPBUGS-19773](https://issues.redhat.com/browse/OCPBUGS-19773): Increase bootstrap timeout for vSphere platform by 30 mins [#7530](https://github.com/openshift/installer/pull/7530) * [OCPBUGS-16383](https://issues.redhat.com/browse/OCPBUGS-16383): [release-4.13] Default dataStore is returned the name instead the inventoryPath [#7343](https://github.com/openshift/installer/pull/7343) * [OCPBUGS-13681](https://issues.redhat.com/browse/OCPBUGS-13681): FCOS: bump to latest stable version [#7188](https://github.com/openshift/installer/pull/7188) * [OCPBUGS-11093](https://issues.redhat.com/browse/OCPBUGS-11093): Azure: don't set default subscriptionID for disk encryption sets [#7432](https://github.com/openshift/installer/pull/7432) * [OCPBUGS-17809](https://issues.redhat.com/browse/OCPBUGS-17809): Allow destroy for C2S isolated (us-iso and us-isob) partitions [#7427](https://github.com/openshift/installer/pull/7427) * [OCPBUGS-15231](https://issues.redhat.com/browse/OCPBUGS-15231): new Aws secret regions support [#7264](https://github.com/openshift/installer/pull/7264) * [OCPBUGS-15222](https://issues.redhat.com/browse/OCPBUGS-15222): terraform: aws: secret regions now support ALIAS record [#7262](https://github.com/openshift/installer/pull/7262) * [OCPBUGS-17823](https://issues.redhat.com/browse/OCPBUGS-17823): CORS-2445: GCP: Add osImage to the install config [#7431](https://github.com/openshift/installer/pull/7431) * [OCPBUGS-14432](https://issues.redhat.com/browse/OCPBUGS-14432): Replica validations [#7423](https://github.com/openshift/installer/pull/7423) * [OCPBUGS-13865](https://issues.redhat.com/browse/OCPBUGS-13865): vSphere Add ova sha query; additional debugging [#7198](https://github.com/openshift/installer/pull/7198) * [OCPBUGS-16640](https://issues.redhat.com/browse/OCPBUGS-16640): [release-4.13] Update azure cli version to 2.49.0 [#7357](https://github.com/openshift/installer/pull/7357) * [OCPBUGS-16777](https://issues.redhat.com/browse/OCPBUGS-16777): update RHCOS 4.13 bootimage metadata to 413.92.202307260246-0 [#7410](https://github.com/openshift/installer/pull/7410) * [CORS-2764](https://issues.redhat.com/browse/CORS-2764): AWS Shared VPC Backport [release-4.13] [#7362](https://github.com/openshift/installer/pull/7362) * [OCPBUGS-17104](https://issues.redhat.com/browse/OCPBUGS-17104): [release-4.13] vsphere terraform bump [#7383](https://github.com/openshift/installer/pull/7383) * [OCPBUGS-17397](https://issues.redhat.com/browse/OCPBUGS-17397): backport openstack UPI for ansible 2.10 [#7385](https://github.com/openshift/installer/pull/7385) * [OCPBUGS-15290](https://issues.redhat.com/browse/OCPBUGS-15290): GCP: ic: improve project validation [#7361](https://github.com/openshift/installer/pull/7361) * [OCPBUGS-16390](https://issues.redhat.com/browse/OCPBUGS-16390): Allow override of networkType [#7344](https://github.com/openshift/installer/pull/7344) * [OCPBUGS-16673](https://issues.redhat.com/browse/OCPBUGS-16673): Fix timing issue between network services [#7358](https://github.com/openshift/installer/pull/7358) * [OCPBUGS-14711](https://issues.redhat.com/browse/OCPBUGS-14711): Convert Rendezvous IPv6 address to canonical format [#7237](https://github.com/openshift/installer/pull/7237) * [OCPBUGS-16066](https://issues.redhat.com/browse/OCPBUGS-16066): Use correct SELinux label. Make rename atomic. [#7315](https://github.com/openshift/installer/pull/7315) * [OCPBUGS-14599](https://issues.redhat.com/browse/OCPBUGS-14599): Log additional host info at warning level [#7233](https://github.com/openshift/installer/pull/7233) * [OCPBUGS-15866](https://issues.redhat.com/browse/OCPBUGS-15866): Use the same names for public LB in IPI and UPI Azure [#7302](https://github.com/openshift/installer/pull/7302) * [OCPBUGS-16124](https://issues.redhat.com/browse/OCPBUGS-16124): azure: skip LB creation when not needed [#7322](https://github.com/openshift/installer/pull/7322) * [OCPBUGS-13812](https://issues.redhat.com/browse/OCPBUGS-13812): ic: azure: validate diskTypes in AzureStack [#7195](https://github.com/openshift/installer/pull/7195) * [OCPBUGS-15230](https://issues.redhat.com/browse/OCPBUGS-15230): azure: skip NSG creation when BYO vnet [#7263](https://github.com/openshift/installer/pull/7263) * [OCPBUGS-15591](https://issues.redhat.com/browse/OCPBUGS-15591): [release-4.13] gcp: add confidential compute support for boostrap TF [#7298](https://github.com/openshift/installer/pull/7298) * [OCPBUGS-15187](https://issues.redhat.com/browse/OCPBUGS-15187): images: installer: add xz to the container [#7260](https://github.com/openshift/installer/pull/7260) * [OCPBUGS-14867](https://issues.redhat.com/browse/OCPBUGS-14867): Shorten SNO installation duration by releasing CPC lease [#7241](https://github.com/openshift/installer/pull/7241) * [OCPBUGS-13752](https://issues.redhat.com/browse/OCPBUGS-13752): Set AdditionalTrustBundle in override when mirroring not enabled [#7191](https://github.com/openshift/installer/pull/7191) * [OCPBUGS-15289](https://issues.redhat.com/browse/OCPBUGS-15289): gcp use preconfigured private zone for installation [#7271](https://github.com/openshift/installer/pull/7271) * [OCPBUGS-14916](https://issues.redhat.com/browse/OCPBUGS-14916): Replace with govc docker image and fix ibmcli folder permission issue [#7245](https://github.com/openshift/installer/pull/7245) * [OCPBUGS-13323](https://issues.redhat.com/browse/OCPBUGS-13323): update RHCOS 4.13 bootimage metadata to 413.92.202306140611-0 [#7248](https://github.com/openshift/installer/pull/7248) * [OCPBUGS-14860](https://issues.redhat.com/browse/OCPBUGS-14860): GCP XPN Private Cluster Fails with no Public Zone [#7240](https://github.com/openshift/installer/pull/7240) * [OCPBUGS-13765](https://issues.redhat.com/browse/OCPBUGS-13765): Support /dev/disk/by-path root device hints [#7193](https://github.com/openshift/installer/pull/7193) * [OCPBUGS-14171](https://issues.redhat.com/browse/OCPBUGS-14171): Ignore IAM Roles that the Installer is not authorized to access [#7210](https://github.com/openshift/installer/pull/7210) * [OCPBUGS-11530](https://issues.redhat.com/browse/OCPBUGS-11530): [release-4.13] add project filter to gcp usage api requests [#7045](https://github.com/openshift/installer/pull/7045) * [OCPBUGS-10493](https://issues.redhat.com/browse/OCPBUGS-10493): Nutanix Hostname of the VM is not set when using DHCP network config [#7016](https://github.com/openshift/installer/pull/7016) * [OCPBUGS-14027](https://issues.redhat.com/browse/OCPBUGS-14027): GCP XPN: Pass instance service acct in manual mode [#7204](https://github.com/openshift/installer/pull/7204) * [Full changelog](https://github.com/openshift/installer/compare/2f227cc47f4e7ca6ed8edf0caf7c48283a82fc03...d334d540ab3d5f4ec3344b5ded7c454509c3639d) ### [baremetal-machine-controllers](https://github.com/openshift/cluster-api-provider-baremetal/tree/336497557b48d67635a7be2bf26ae6a885a67560) * [OCPBUGS-29822](https://issues.redhat.com/browse/OCPBUGS-29822): Extend metal3remediation aggregation role [#212](https://github.com/openshift/cluster-api-provider-baremetal/pull/212) * [OCPBUGS-21701](https://issues.redhat.com/browse/OCPBUGS-21701): Uplift x/net to v0.17.0 [#199](https://github.com/openshift/cluster-api-provider-baremetal/pull/199) * [OCPBUGS-16084](https://issues.redhat.com/browse/OCPBUGS-16084): Fix Metal3Remediation CRD install order [#194](https://github.com/openshift/cluster-api-provider-baremetal/pull/194) * [Full changelog](https://github.com/openshift/cluster-api-provider-baremetal/compare/d20bc578a4368130d10f41ad974bf147af9410f8...336497557b48d67635a7be2bf26ae6a885a67560) ### [baremetal-operator](https://github.com/openshift/baremetal-operator/tree/f6db335c7a6fe564a6ef56a98b71e230e685fc6f) * [OCPBUGS-30629](https://issues.redhat.com/browse/OCPBUGS-30629): Do not update instance_info and deploy_interface for active nodes [#337](https://github.com/openshift/baremetal-operator/pull/337) * [OCPBUGS-23504](https://issues.redhat.com/browse/OCPBUGS-23504): hack for deploying V6-only clusters from dualstack hubs [#321](https://github.com/openshift/baremetal-operator/pull/321) * [OCPBUGS-21167](https://issues.redhat.com/browse/OCPBUGS-21167): Uplift x/net to v0.17.0 [#309](https://github.com/openshift/baremetal-operator/pull/309) * [OCPBUGS-17365](https://issues.redhat.com/browse/OCPBUGS-17365): Trigger reconcile on Secret change [#295](https://github.com/openshift/baremetal-operator/pull/295) * [OCPBUGS-16013](https://issues.redhat.com/browse/OCPBUGS-16013): Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.6 to 3.5.9 [#292](https://github.com/openshift/baremetal-operator/pull/292) * [OCPBUGS-17229](https://issues.redhat.com/browse/OCPBUGS-17229): Set minimum TLS version for webhook to 1.2 [#294](https://github.com/openshift/baremetal-operator/pull/294) * [OCPBUGS-13374](https://issues.redhat.com/browse/OCPBUGS-13374): Do not try to update images for nodes in transient states [#282](https://github.com/openshift/baremetal-operator/pull/282) * [OCPBUGS-13927](https://issues.redhat.com/browse/OCPBUGS-13927): Deleting unmanaged BMH get stuck fix [#281](https://github.com/openshift/baremetal-operator/pull/281) * [Full changelog](https://github.com/openshift/baremetal-operator/compare/d17c8bce1af351ffa1393026b0c75369a5cb0fa4...f6db335c7a6fe564a6ef56a98b71e230e685fc6f) ### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/1280cf541c220af73b9886379dad2dfa4921f73b) * [OCPBUGS-26929](https://issues.redhat.com/browse/OCPBUGS-26929): Add .snyk file to ignore vendor and test files [#295](https://github.com/openshift/baremetal-runtimecfg/pull/295) * [OCPBUGS-22207](https://issues.redhat.com/browse/OCPBUGS-22207): deps: upgrade x/sys [#282](https://github.com/openshift/baremetal-runtimecfg/pull/282) * [OCPBUGS-20081](https://issues.redhat.com/browse/OCPBUGS-20081): Increase timeout for bootstrap kubeapi [#278](https://github.com/openshift/baremetal-runtimecfg/pull/278) * [OCPBUGS-18582](https://issues.redhat.com/browse/OCPBUGS-18582): Move haproxy firewall rule check earlier in loop [#271](https://github.com/openshift/baremetal-runtimecfg/pull/271) * [OCPBUGS-17423](https://issues.redhat.com/browse/OCPBUGS-17423): Don't render config with incomplete unicast peer list [#267](https://github.com/openshift/baremetal-runtimecfg/pull/267) * [OCPBUGS-14487](https://issues.redhat.com/browse/OCPBUGS-14487): Support IPv6 VIP for setup with multipe IPv6 addresses [#259](https://github.com/openshift/baremetal-runtimecfg/pull/259) * [OCPBUGS-15101](https://issues.redhat.com/browse/OCPBUGS-15101): Use machine-config state instead of comparing roles [#261](https://github.com/openshift/baremetal-runtimecfg/pull/261) * [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/f0c1297c424d2ce8d20b376c488f8ada595b39b9...1280cf541c220af73b9886379dad2dfa4921f73b) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/7780c379ac62ddfc982b81eb0c4470b9597f505e) * [OCPBUGS-25418](https://issues.redhat.com/browse/OCPBUGS-25418): Add client version in must-gather summary [#1635](https://github.com/openshift/oc/pull/1635) * [OCPBUGS-24461](https://issues.redhat.com/browse/OCPBUGS-24461): Overwrite template's namespace with the explicit one [#1617](https://github.com/openshift/oc/pull/1617) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add OAuth2 Authorization Code Grant Flow for login [#1599](https://github.com/openshift/oc/pull/1599) * [OCPBUGS-22815](https://issues.redhat.com/browse/OCPBUGS-22815): regeneratemco: explicitly check for PlatformStatus field [#1593](https://github.com/openshift/oc/pull/1593) * [OCPBUGS-20298](https://issues.redhat.com/browse/OCPBUGS-20298): Use quay redis image instead docker mysql [#1566](https://github.com/openshift/oc/pull/1566) * [OCPBUGS-19942](https://issues.redhat.com/browse/OCPBUGS-19942): Truncate existing files when writing from inspect [#1553](https://github.com/openshift/oc/pull/1553) * [OCPBUGS-13527](https://issues.redhat.com/browse/OCPBUGS-13527): Bump x org deps 4.13 [#1422](https://github.com/openshift/oc/pull/1422) * [OCPBUGS-16055](https://issues.redhat.com/browse/OCPBUGS-16055): mcs cert: account for environments that use IP directly [#1500](https://github.com/openshift/oc/pull/1500) * [OCPBUGS-16193](https://issues.redhat.com/browse/OCPBUGS-16193): reboot: set ignition version to 3.1 [#1508](https://github.com/openshift/oc/pull/1508) * [OCPBUGS-16172](https://issues.redhat.com/browse/OCPBUGS-16172): Add tls-server-name when property exists in kubeconfig [#1506](https://github.com/openshift/oc/pull/1506) * handle the error case of node retrieval while waiting for reboot [#1484](https://github.com/openshift/oc/pull/1484) * bring some cert rotation helpers back into 4.13 [#1474](https://github.com/openshift/oc/pull/1474) * [OCPBUGS-14249](https://issues.redhat.com/browse/OCPBUGS-14249): preserve explicit release image in ClusterVersion [#1435](https://github.com/openshift/oc/pull/1435) * [OCPBUGS-14180](https://issues.redhat.com/browse/OCPBUGS-14180): Remove closed centos7 registry from newapp unit tests [#1432](https://github.com/openshift/oc/pull/1432) * [Full changelog](https://github.com/openshift/oc/compare/92b1a3d0e5d092430b523f6541aa0c504b2222b3...7780c379ac62ddfc982b81eb0c4470b9597f505e) ### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/e1c403be7e7e054ae167c061878805b2d2276b9e) * [OCPBUGS-27912](https://issues.redhat.com/browse/OCPBUGS-27912): Resolve all outstanding snyk vulnerabilities [#651](https://github.com/openshift/cloud-credential-operator/pull/651) * NO-JIRA: Removing andrew from OWNERS [#644](https://github.com/openshift/cloud-credential-operator/pull/644) * [OCPBUGS-25369](https://issues.redhat.com/browse/OCPBUGS-25369): Discover AWS dns suffix from partition and region. [#640](https://github.com/openshift/cloud-credential-operator/pull/640) * [OCPBUGS-21367](https://issues.redhat.com/browse/OCPBUGS-21367): Upgrade golang/x/net for CVE-2023-39325 [#623](https://github.com/openshift/cloud-credential-operator/pull/623) * snyk: exclude vendor/ [#616](https://github.com/openshift/cloud-credential-operator/pull/616) * [OCPBUGS-12565](https://issues.redhat.com/browse/OCPBUGS-12565): CVE-2022-41723 ose-cloud-credential-operator-container: net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [openshift-4] [#543](https://github.com/openshift/cloud-credential-operator/pull/543) * [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/d3b5ffa30529cfb744715145919b58de6872656f...e1c403be7e7e054ae167c061878805b2d2276b9e) ### [cloud-network-config-controller](https://github.com/openshift/cloud-network-config-controller/tree/78d453a5ca0f5e009d3a16e62f2e0e35c3ac5a9c) * [OCPBUGS-22299](https://issues.redhat.com/browse/OCPBUGS-22299): Azure: skip backend pool if attached to an outbound rule [#126](https://github.com/openshift/cloud-network-config-controller/pull/126) * [OCPBUGS-15856](https://issues.redhat.com/browse/OCPBUGS-15856): Azure: Handle already existing IP configurations [#116](https://github.com/openshift/cloud-network-config-controller/pull/116) * [OCPBUGS-14635](https://issues.redhat.com/browse/OCPBUGS-14635): increase GCP egress ip capacity to 100 from 10 [#113](https://github.com/openshift/cloud-network-config-controller/pull/113) * [Full changelog](https://github.com/openshift/cloud-network-config-controller/compare/71ccef5299dc865106a86f6f514041dbe33086bb...78d453a5ca0f5e009d3a16e62f2e0e35c3ac5a9c) ### [cluster-authentication-operator](https://github.com/openshift/cluster-authentication-operator/tree/1801056c175da7d1e8d5507fa4558564740c7f4d) * [OCPBUGS-28760](https://issues.redhat.com/browse/OCPBUGS-28760): Fix http2 [4.13] [#654](https://github.com/openshift/cluster-authentication-operator/pull/654) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add openshift-cli-client OAuth Client [#641](https://github.com/openshift/cluster-authentication-operator/pull/641) * [OCPBUGS-22210](https://issues.redhat.com/browse/OCPBUGS-22210): increase timeout for probes [#638](https://github.com/openshift/cluster-authentication-operator/pull/638) * [OCPBUGS-15258](https://issues.redhat.com/browse/OCPBUGS-15258): Correctly link oauth apiserver ServiceMonitor with its Service [#617](https://github.com/openshift/cluster-authentication-operator/pull/617) * [OCPBUGS-13763](https://issues.redhat.com/browse/OCPBUGS-13763): dont log tokens [#618](https://github.com/openshift/cluster-authentication-operator/pull/618) * [Full changelog](https://github.com/openshift/cluster-authentication-operator/compare/a69e6b75c9a98bddae0e5ebdfd84c72f3fc72242...1801056c175da7d1e8d5507fa4558564740c7f4d) ### [cluster-autoscaler](https://github.com/openshift/kubernetes-autoscaler/tree/80cb6c58a87dbe842eb33cf9ec23ff96911e01c9) * [OCPBUGS-30874](https://issues.redhat.com/browse/OCPBUGS-30874): Fix unstructured taint parsing in Cluster API provider [#289](https://github.com/openshift/kubernetes-autoscaler/pull/289) * [OCPBUGS-23272](https://issues.redhat.com/browse/OCPBUGS-23272): Rebase 4.13 branch onto cluster autoscaler 1.26.4 [#268](https://github.com/openshift/kubernetes-autoscaler/pull/268) * [Full changelog](https://github.com/openshift/kubernetes-autoscaler/compare/c58c53bf7a82ee46414c7f7c0f2e0e438da93eeb...80cb6c58a87dbe842eb33cf9ec23ff96911e01c9) ### [cluster-autoscaler-operator](https://github.com/openshift/cluster-autoscaler-operator/tree/ade6cfb16944db8e2151f921640041e0b2a403c3) * [OCPBUGS-20770](https://issues.redhat.com/browse/OCPBUGS-20770): Bump x/net package to v0.18.0 [#299](https://github.com/openshift/cluster-autoscaler-operator/pull/299) * [OCPBUGS-17056](https://issues.redhat.com/browse/OCPBUGS-17056): Address long acquire times during update [#289](https://github.com/openshift/cluster-autoscaler-operator/pull/289) * [OCPBUGS-17098](https://issues.redhat.com/browse/OCPBUGS-17098): update x/net dependency to 0.7.0 [#280](https://github.com/openshift/cluster-autoscaler-operator/pull/280) * [OCPBUGS-16768](https://issues.redhat.com/browse/OCPBUGS-16768): add nutanix labels that should be ignored [#278](https://github.com/openshift/cluster-autoscaler-operator/pull/278) * [Full changelog](https://github.com/openshift/cluster-autoscaler-operator/compare/99a0e2bacb4beacc58ea0c203c247f35fdf57ee1...ade6cfb16944db8e2151f921640041e0b2a403c3) ### [cluster-baremetal-operator](https://github.com/openshift/cluster-baremetal-operator/tree/b5eb7b6c7b85dd8ef51fe138ec7e6b5392391c11) * [OCPBUGS-23504](https://issues.redhat.com/browse/OCPBUGS-23504): hack for deploying V6-only clusters from dualstack hubs [#391](https://github.com/openshift/cluster-baremetal-operator/pull/391) * [OCPBUGS-23444](https://issues.redhat.com/browse/OCPBUGS-23444): Update the deprecated field APIServerInternalIP to APIServerInternalIPs [#385](https://github.com/openshift/cluster-baremetal-operator/pull/385) * [OCPBUGS-20867](https://issues.redhat.com/browse/OCPBUGS-20867): Uplift x/net to v0.17.0 [#370](https://github.com/openshift/cluster-baremetal-operator/pull/370) * [OCPBUGS-19369](https://issues.redhat.com/browse/OCPBUGS-19369): Guard against nil PlatformStatus [#363](https://github.com/openshift/cluster-baremetal-operator/pull/363) * [OCPBUGS-15472](https://issues.redhat.com/browse/OCPBUGS-15472): Limit role binding to openshift-machine-api namespace [#346](https://github.com/openshift/cluster-baremetal-operator/pull/346) * [Full changelog](https://github.com/openshift/cluster-baremetal-operator/compare/db283115e0b424e404307602701f1b6295c2f856...b5eb7b6c7b85dd8ef51fe138ec7e6b5392391c11) ### [cluster-capi-controllers](https://github.com/openshift/cluster-api/tree/12f767b2bd5de1a2641962f5d86d8564333afc65) * [OCPBUGS-21531](https://issues.redhat.com/browse/OCPBUGS-21531): bump golang.org/x/net to v0.17.0 [#185](https://github.com/openshift/cluster-api/pull/185) * [OCPBUGS-12567](https://issues.redhat.com/browse/OCPBUGS-12567): Bump x/net package to v0.10.0 [#176](https://github.com/openshift/cluster-api/pull/176) * [Full changelog](https://github.com/openshift/cluster-api/compare/0142186bad9acc2d7950663129a4ef82c32a5610...12f767b2bd5de1a2641962f5d86d8564333afc65) ### [cluster-capi-operator](https://github.com/openshift/cluster-capi-operator/tree/b247793dd364f280ad097f5266b4164740e43a44) * [OCPBUGS-21082](https://issues.redhat.com/browse/OCPBUGS-21082): bump golang.org/x/net to v0.17.0 [#137](https://github.com/openshift/cluster-capi-operator/pull/137) * [Full changelog](https://github.com/openshift/cluster-capi-operator/compare/ce1c9a359ec9ab0c5526cd8594ea59bb52044026...b247793dd364f280ad097f5266b4164740e43a44) ### [cluster-cloud-controller-manager-operator](https://github.com/openshift/cluster-cloud-controller-manager-operator/tree/288b3fe3f2637e3ac80464cc5513011fd3a3c583) * [OCPBUGS-21169](https://issues.redhat.com/browse/OCPBUGS-21169): Bump golang.org/x/net to v0.18.0 [#296](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/296) * [OCPBUGS-17101](https://issues.redhat.com/browse/OCPBUGS-17101): update x/net dependency to 0.7.0 [#269](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/269) * [OCPBUGS-15746](https://issues.redhat.com/browse/OCPBUGS-15746): Alibaba platforms should not be upgradeable [#260](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/260) * [OCPBUGS-13011](https://issues.redhat.com/browse/OCPBUGS-13011): Add beta topology labels flag to Azure cloud node manager [#250](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/250) * [Full changelog](https://github.com/openshift/cluster-cloud-controller-manager-operator/compare/ecb49c59ae21b6beb7c3071e80c5c847f1ba7fbe...288b3fe3f2637e3ac80464cc5513011fd3a3c583) ### [cluster-config-operator](https://github.com/openshift/cluster-config-operator/tree/a6d56530c7156bef726005d640c3ded3565104ec) * [OCPBUGS-28802](https://issues.redhat.com/browse/OCPBUGS-28802): Add required PSa labels [#404](https://github.com/openshift/cluster-config-operator/pull/404) * : OCPBUGS-21269: bump library-go to include switch to HTTP/1.1 [#372](https://github.com/openshift/cluster-config-operator/pull/372) * [CORS-2766](https://issues.redhat.com/browse/CORS-2766): AWS Shared VPC API Bump [release-4.13] [#337](https://github.com/openshift/cluster-config-operator/pull/337) * [OCPBUGS-16164](https://issues.redhat.com/browse/OCPBUGS-16164): retire LatencySensitive featureset [#329](https://github.com/openshift/cluster-config-operator/pull/329) * [Full changelog](https://github.com/openshift/cluster-config-operator/compare/923b864e76c6e8eb1bfcd66bb73327588dd8b75a...a6d56530c7156bef726005d640c3ded3565104ec) ### [cluster-control-plane-machine-set-operator](https://github.com/openshift/cluster-control-plane-machine-set-operator/tree/492cc21b66edf7bb0032e7e5bcdf3b94cc38cfd7) * [OCPBUGS-30156](https://issues.redhat.com/browse/OCPBUGS-30156): Never delete a Machine when there's a single Machine in an index [#286](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/286) * [OCPBUGS-21364](https://issues.redhat.com/browse/OCPBUGS-21364): Bump golang.org/x/net to v0.17.0 [#259](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/259) * [OCPBUGS-20482](https://issues.redhat.com/browse/OCPBUGS-20482): fix: e2e: add gcp custom type to test framework [#249](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/249) * [OCPBUGS-17055](https://issues.redhat.com/browse/OCPBUGS-17055): Address long acquire times during update [#240](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/240) * [OCPBUGS-15330](https://issues.redhat.com/browse/OCPBUGS-15330): Fix lint issue [#222](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/222) * [OCPBUGS-15161](https://issues.redhat.com/browse/OCPBUGS-15161): Surface cpms vs machine diff [#218](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/218) * [OCPBUGS-14024](https://issues.redhat.com/browse/OCPBUGS-14024): Check ProviderSpec before generating MachineInfo [#211](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/211) * [Full changelog](https://github.com/openshift/cluster-control-plane-machine-set-operator/compare/9740b7ebfb127dfaa251506714e6c8cb41f0ae2b...492cc21b66edf7bb0032e7e5bcdf3b94cc38cfd7) ### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/544bc12e412d94153ef711cc0bb55eb40ab6d43e) * [OCPBUGS-21461](https://issues.redhat.com/browse/OCPBUGS-21461): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#168](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/168) * [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/97b486cb22d56c7ea17b6829606ae0c555bcc426...544bc12e412d94153ef711cc0bb55eb40ab6d43e) ### [cluster-dns-operator](https://github.com/openshift/cluster-dns-operator/tree/759791edae6fcd129e9f04adf6406328892f0f53) * [OCPBUGS-11449](https://issues.redhat.com/browse/OCPBUGS-11449): Set DNS DaemonSet's maxSurge value to 10% [#366](https://github.com/openshift/cluster-dns-operator/pull/366) * [OCPBUGS-21534](https://issues.redhat.com/browse/OCPBUGS-21534): Bump golang.org/x/net/http2 to v0.17.0 for CVE-2023-39325 in cluster-dns-operator [#390](https://github.com/openshift/cluster-dns-operator/pull/390) * [OCPBUGS-11449](https://issues.redhat.com/browse/OCPBUGS-11449): Enable topology-aware hints if, and only if, nodes have zones [#367](https://github.com/openshift/cluster-dns-operator/pull/367) * [OCPBUGS-15225](https://issues.redhat.com/browse/OCPBUGS-15225): Add support for protocolStrategy API field to enable force_tcp configuration [#372](https://github.com/openshift/cluster-dns-operator/pull/372) * [Full changelog](https://github.com/openshift/cluster-dns-operator/compare/d96022a4d0d091955d73e7e99fc8cc81db56c86a...759791edae6fcd129e9f04adf6406328892f0f53) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/c9b9bec902f93acc8469e0f6b502d0bab1734f67) * [OCPBUGS-30248](https://issues.redhat.com/browse/OCPBUGS-30248): fix panic in health check timeouts [#1217](https://github.com/openshift/cluster-etcd-operator/pull/1217) * [OCPBUGS-30245](https://issues.redhat.com/browse/OCPBUGS-30245): [4.13] Replace nodelister with master nodelister everywhere [#1216](https://github.com/openshift/cluster-etcd-operator/pull/1216) * [OCPBUGS-23572](https://issues.redhat.com/browse/OCPBUGS-23572): Add annotation in the etcd-guard static pod for worklo… [#1163](https://github.com/openshift/cluster-etcd-operator/pull/1163) * [OCPBUGS-23106](https://issues.redhat.com/browse/OCPBUGS-23106): [4.13] Remove z-upgrades from UpgradeBackupController [#1154](https://github.com/openshift/cluster-etcd-operator/pull/1154) * Revert "[release-4.13] OCPBUGS-23044: remove revision stability check from bootstrap complet…" [#1166](https://github.com/openshift/cluster-etcd-operator/pull/1166) * [OCPBUGS-22783](https://issues.redhat.com/browse/OCPBUGS-22783): relax readiness to local serializable requests [#1144](https://github.com/openshift/cluster-etcd-operator/pull/1144) * [OCPBUGS-23044](https://issues.redhat.com/browse/OCPBUGS-23044): remove revision stability check from bootstrap complet… [#1151](https://github.com/openshift/cluster-etcd-operator/pull/1151) * [OCPBUGS-21155](https://issues.redhat.com/browse/OCPBUGS-21155): fixing CVE-2023-39325 by updating dependencies [#1143](https://github.com/openshift/cluster-etcd-operator/pull/1143) * [OCPBUGS-20488](https://issues.redhat.com/browse/OCPBUGS-20488): prioritize podman pull in etcdctl dl [#1136](https://github.com/openshift/cluster-etcd-operator/pull/1136) * [OCPBUGS-19378](https://issues.redhat.com/browse/OCPBUGS-19378): [4.13] Backports of backup/restore fixes [#1117](https://github.com/openshift/cluster-etcd-operator/pull/1117) * [OCPBUGS-19825](https://issues.redhat.com/browse/OCPBUGS-19825): Update staticpod file permissions to conform with CIS benchmarks [#1125](https://github.com/openshift/cluster-etcd-operator/pull/1125) * [OCPBUGS-16804](https://issues.redhat.com/browse/OCPBUGS-16804): reset snapshot default counts to avoid file already lo… [#1080](https://github.com/openshift/cluster-etcd-operator/pull/1080) * [OCPBUGS-12487](https://issues.redhat.com/browse/OCPBUGS-12487): update golang.org/x/net/http2 [#1075](https://github.com/openshift/cluster-etcd-operator/pull/1075) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/4a9be58b44eee435cfa28b97f5f4c0d816424717...c9b9bec902f93acc8469e0f6b502d0bab1734f67) ### [cluster-image-registry-operator](https://github.com/openshift/cluster-image-registry-operator/tree/26ddef6b6f7036de02713bb678c6c8e6a7ea8a04) * [OCPBUGS-29935](https://issues.redhat.com/browse/OCPBUGS-29935): pkg/storage/s3: enable bucket key on encryption settings [#1007](https://github.com/openshift/cluster-image-registry-operator/pull/1007) * [OCPBUGS-22126](https://issues.redhat.com/browse/OCPBUGS-22126): increase storage account key cache expiration [#940](https://github.com/openshift/cluster-image-registry-operator/pull/940) * [OCPBUGS-20698](https://issues.redhat.com/browse/OCPBUGS-20698): mitigate effects of rapid reset [#946](https://github.com/openshift/cluster-image-registry-operator/pull/946) * [Full changelog](https://github.com/openshift/cluster-image-registry-operator/compare/3ed61e2b86c3ff0eddc66baa038a6b30a579ce15...26ddef6b6f7036de02713bb678c6c8e6a7ea8a04) ### [cluster-ingress-operator](https://github.com/openshift/cluster-ingress-operator/tree/5379ce1cb9305d89e0349a3e80fac8801c72eb42) * [OCPBUGS-20781](https://issues.redhat.com/browse/OCPBUGS-20781): Bump golang.org/x/net for CVE-2023-44487 [#987](https://github.com/openshift/cluster-ingress-operator/pull/987) * [OCPBUGS-22402](https://issues.redhat.com/browse/OCPBUGS-22402): test/e2e: Don't use openshift/origin-node [#991](https://github.com/openshift/cluster-ingress-operator/pull/991) * [OCPBUGS-17733](https://issues.redhat.com/browse/OCPBUGS-17733): [release-4.13] remove shared VPC cred request [#972](https://github.com/openshift/cluster-ingress-operator/pull/972) * [NE-1341](https://issues.redhat.com/browse/NE-1341): Add support for AWS shared VPC in another account [#966](https://github.com/openshift/cluster-ingress-operator/pull/966) * [OCPBUGS-15434](https://issues.redhat.com/browse/OCPBUGS-15434): [release-4.13] Fix invalid DNS name formatting for GCP [#958](https://github.com/openshift/cluster-ingress-operator/pull/958) * [OCPBUGS-15515](https://issues.redhat.com/browse/OCPBUGS-15515): Update TestAWSELBConnectionIdleTimeout to not use wildcard DNS record [#955](https://github.com/openshift/cluster-ingress-operator/pull/955) * [OCPBUGS-12743](https://issues.redhat.com/browse/OCPBUGS-12743): bump controller-runtime to fix the multi namespace cache indexing [#921](https://github.com/openshift/cluster-ingress-operator/pull/921) * [OCPBUGS-13964](https://issues.redhat.com/browse/OCPBUGS-13964), [OCPBUGS-13967](https://issues.redhat.com/browse/OCPBUGS-13967): Handle mTLS CRLs, and fix accidental CRL duplication [#935](https://github.com/openshift/cluster-ingress-operator/pull/935) * [OCPBUGS-12918](https://issues.redhat.com/browse/OCPBUGS-12918): gatewayclass: Update for OSSM 2.4 API change [#917](https://github.com/openshift/cluster-ingress-operator/pull/917) * [Full changelog](https://github.com/openshift/cluster-ingress-operator/compare/7262c34b3a6434b49851ff5f0cceec87a2ee9706...5379ce1cb9305d89e0349a3e80fac8801c72eb42) ### [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator/tree/a5ca01222476bb9f05916217be6f94f08e91a4ec) * : OCPBUGS-24023: Add workload partitioning annotation [#1591](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1591) * : OCPBUGS-20880: bump library-go to include switch to HTTP/1.1 [#1573](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1573) * [OCPBUGS-19825](https://issues.redhat.com/browse/OCPBUGS-19825): Update staticpod file permissions to conform with CIS benchmarks [#1558](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1558) * [OCPBUGS-15853](https://issues.redhat.com/browse/OCPBUGS-15853): pkg/operator/configobserver: check that the serving certificate refer… [#1522](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1522) * [OCPBUGS-17081](https://issues.redhat.com/browse/OCPBUGS-17081): make webhook connection failure a warning in log [#1532](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1532) * [OCPBUGS-13763](https://issues.redhat.com/browse/OCPBUGS-13763): dont log jwt tokens [#1499](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1499) * [Full changelog](https://github.com/openshift/cluster-kube-apiserver-operator/compare/02ea4a4120dd0f8eb49d070b1fe420ed6d1debba...a5ca01222476bb9f05916217be6f94f08e91a4ec) ### [cluster-kube-cluster-api-operator](https://github.com/openshift/cluster-api-operator/tree/18c076b1b56e06086fc3e4ea89d6922cca2d6b4a) * [OCPBUGS-20981](https://issues.redhat.com/browse/OCPBUGS-20981): bump golang.org/x/net to v0.17.0 [#28](https://github.com/openshift/cluster-api-operator/pull/28) * [OCPBUGS-13093](https://issues.redhat.com/browse/OCPBUGS-13093): Bump golang.org/x/net [#20](https://github.com/openshift/cluster-api-operator/pull/20) * [Full changelog](https://github.com/openshift/cluster-api-operator/compare/b8428eb60d727565fefa4e37c845d704913cf0c5...18c076b1b56e06086fc3e4ea89d6922cca2d6b4a) ### [cluster-kube-controller-manager-operator](https://github.com/openshift/cluster-kube-controller-manager-operator/tree/dac7113696160d1170d9b3773afa4a4b7cb2099b) * [OCPBUGS-27066](https://issues.redhat.com/browse/OCPBUGS-27066): bump(library-go)=release-4.13 [#788](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/788) * [OCPBUGS-21103](https://issues.redhat.com/browse/OCPBUGS-21103): Drop flags removed in k8s 1.26 [4.13] [#766](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/766) * [OCPBUGS-21078](https://issues.redhat.com/browse/OCPBUGS-21078): Bump deps to address CVE-2023-44487 [4.13] [#758](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/758) * [OCPBUGS-19825](https://issues.redhat.com/browse/OCPBUGS-19825): Update staticpod file permissions to conform with CIS benchmarks [#752](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/752) * [Full changelog](https://github.com/openshift/cluster-kube-controller-manager-operator/compare/56b970786d152344f0d4762c8271d20e5fc9d28b...dac7113696160d1170d9b3773afa4a4b7cb2099b) ### [cluster-kube-scheduler-operator](https://github.com/openshift/cluster-kube-scheduler-operator/tree/2e7c269b358223b89632b35840e6a91cdc7bb9aa) * [OCPBUGS-27065](https://issues.redhat.com/browse/OCPBUGS-27065): bump(library-go)=release-4.13 [#528](https://github.com/openshift/cluster-kube-scheduler-operator/pull/528) * [OCPBUGS-21811](https://issues.redhat.com/browse/OCPBUGS-21811): Bump deps to address CVE-2023-44487 [#502](https://github.com/openshift/cluster-kube-scheduler-operator/pull/502) * [OCPBUGS-19825](https://issues.redhat.com/browse/OCPBUGS-19825): Update staticpod file permissions to conform with CIS benchmarks [#497](https://github.com/openshift/cluster-kube-scheduler-operator/pull/497) * [OCPBUGS-14651](https://issues.redhat.com/browse/OCPBUGS-14651): disable debug pporf with unauthenticated port for 4.13 [#480](https://github.com/openshift/cluster-kube-scheduler-operator/pull/480) * [Full changelog](https://github.com/openshift/cluster-kube-scheduler-operator/compare/dc5cba57ddcdb5a4b43240d1c2ab908fa953d887...2e7c269b358223b89632b35840e6a91cdc7bb9aa) ### [cluster-kube-storage-version-migrator-operator](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/tree/721de5d64083b17c22f6b784bb2c78af39d7b3b0) * : OCPBUGS-21355: bump library-go to include switch to HTTP/1.1 [#97](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/97) * [Full changelog](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/compare/9f475980d1e6a70f0e9400aec6f15e5f5a6132b6...721de5d64083b17c22f6b784bb2c78af39d7b3b0) ### [cluster-machine-approver](https://github.com/openshift/cluster-machine-approver/tree/25fe7b4bd96baba2eef8c0c22521fdc8c08f981d) * [OCPBUGS-21447](https://issues.redhat.com/browse/OCPBUGS-21447): Bump x/net package to v0.18.0 [#213](https://github.com/openshift/cluster-machine-approver/pull/213) * [OCPBUGS-23368](https://issues.redhat.com/browse/OCPBUGS-23368): Filter non node CSRs in metrics [#210](https://github.com/openshift/cluster-machine-approver/pull/210) * [Full changelog](https://github.com/openshift/cluster-machine-approver/compare/ce66cd5420829c20837662770451ee1c64294d47...25fe7b4bd96baba2eef8c0c22521fdc8c08f981d) ### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/940be901f1ce6c462dd1b437e51a28761362c292) * [OCPBUGS-25388](https://issues.redhat.com/browse/OCPBUGS-25388): Add RHACM telemetry metric for 4.13 [#2203](https://github.com/openshift/cluster-monitoring-operator/pull/2203) * [OCPBUGS-21457](https://issues.redhat.com/browse/OCPBUGS-21457): Set the new --disable-http2 flag for prometheus-adapter to disable HTTP2 [#2146](https://github.com/openshift/cluster-monitoring-operator/pull/2146) * [OCPBUGS-22920](https://issues.redhat.com/browse/OCPBUGS-22920): jsonnet: pin commits [#2144](https://github.com/openshift/cluster-monitoring-operator/pull/2144) * [OCPBUGS-22842](https://issues.redhat.com/browse/OCPBUGS-22842): [release-4.13] add RHACS telemetry metrics [#2139](https://github.com/openshift/cluster-monitoring-operator/pull/2139) * [OCPBUGS-22308](https://issues.redhat.com/browse/OCPBUGS-22308): fix: force HTTP/1.1 connections [#2134](https://github.com/openshift/cluster-monitoring-operator/pull/2134) * [OCPBUGS-21250](https://issues.redhat.com/browse/OCPBUGS-21250): upgrade golang.org/x/net to v0.17.0 [#2122](https://github.com/openshift/cluster-monitoring-operator/pull/2122) * [OCPBUGS-22099](https://issues.redhat.com/browse/OCPBUGS-22099): Extend remote write test timeout [#2127](https://github.com/openshift/cluster-monitoring-operator/pull/2127) * [OCPBUGS-11016](https://issues.redhat.com/browse/OCPBUGS-11016): Node Exporter ignores network interface under name "cali[a-f0-9]*" [#1927](https://github.com/openshift/cluster-monitoring-operator/pull/1927) * [OCPBUGS-16023](https://issues.redhat.com/browse/OCPBUGS-16023): Add the trusted CA bundle in UWM Prometheus pods [#2041](https://github.com/openshift/cluster-monitoring-operator/pull/2041) * [OCPBUGS-15469](https://issues.redhat.com/browse/OCPBUGS-15469): Limit the value of GOMAXPROCS on node-exporter to 4. [#2021](https://github.com/openshift/cluster-monitoring-operator/pull/2021) * [OCPBUGS-14251](https://issues.redhat.com/browse/OCPBUGS-14251): Add new web console usage metrics [#1976](https://github.com/openshift/cluster-monitoring-operator/pull/1976) * [OCPBUGS-12488](https://issues.redhat.com/browse/OCPBUGS-12488): go.mod: update golang.org/x/net to v0.7.0 [#1957](https://github.com/openshift/cluster-monitoring-operator/pull/1957) * [OCPBUGS-13007](https://issues.redhat.com/browse/OCPBUGS-13007): Add build number to rules [#1964](https://github.com/openshift/cluster-monitoring-operator/pull/1964) * [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/1563f682454aa22db0ac381fb4616efa6931dea6...940be901f1ce6c462dd1b437e51a28761362c292) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/257435702312e418be694f4b98b8fe89557030c6) * [OCPBUGS-30150](https://issues.redhat.com/browse/OCPBUGS-30150): ipsec: fix openssl typo [#2290](https://github.com/openshift/cluster-network-operator/pull/2290) * [OCPBUGS-29674](https://issues.redhat.com/browse/OCPBUGS-29674): add env var in whereabouts-reconciler daemonset [#2279](https://github.com/openshift/cluster-network-operator/pull/2279) * [OCPBUGS-29301](https://issues.redhat.com/browse/OCPBUGS-29301): Update ingressconfig_controller to use field Manager [#2267](https://github.com/openshift/cluster-network-operator/pull/2267) * [OCPBUGS-28208](https://issues.redhat.com/browse/OCPBUGS-28208): ipsec: fix oopsy from 2e3fc8e (cherry-pick of 980c08318e) [#2222](https://github.com/openshift/cluster-network-operator/pull/2222) * [OCPBUGS-28777](https://issues.redhat.com/browse/OCPBUGS-28777): fix whereabouts conformance test failures [#2241](https://github.com/openshift/cluster-network-operator/pull/2241) * [OCPBUGS-27958](https://issues.redhat.com/browse/OCPBUGS-27958): Add ConfigMap mount to the whereabouts-reconciler DaemonSet [#2220](https://github.com/openshift/cluster-network-operator/pull/2220) * NO-JIRA: add kyrtapz as reviewer and approver for release 4.13 [#2229](https://github.com/openshift/cluster-network-operator/pull/2229) * [OCPBUGS-22293](https://issues.redhat.com/browse/OCPBUGS-22293): remove all managed fields used by old manager [#2094](https://github.com/openshift/cluster-network-operator/pull/2094) * [OCPBUGS-24570](https://issues.redhat.com/browse/OCPBUGS-24570): Disable weak SSH cipher suitesRm weak ciphers 4.13 [#2163](https://github.com/openshift/cluster-network-operator/pull/2163) * [OCPBUGS-21716](https://issues.redhat.com/browse/OCPBUGS-21716): Bump golang.org/x/net and github.com/openshift/library-go [#2123](https://github.com/openshift/cluster-network-operator/pull/2123) * [OCPBUGS-22896](https://issues.redhat.com/browse/OCPBUGS-22896): run update-codegen after adding maxLogFiles cfg [#2162](https://github.com/openshift/cluster-network-operator/pull/2162) * [OCPBUGS-22971](https://issues.redhat.com/browse/OCPBUGS-22971): HyperShift: Use the local konnectivity proxy when checking proxy readiness [#2098](https://github.com/openshift/cluster-network-operator/pull/2098) * [OCPBUGS-22896](https://issues.redhat.com/browse/OCPBUGS-22896): Remove oldest ovn acl log files when file limit exceeded [#2097](https://github.com/openshift/cluster-network-operator/pull/2097) * [SDN-4184](https://issues.redhat.com/browse/SDN-4184): Limit OVN-Kubernetes RBAC permissions [#2093](https://github.com/openshift/cluster-network-operator/pull/2093) * [OCPBUGS-20278](https://issues.redhat.com/browse/OCPBUGS-20278): Edited multus-admission-controller deployment config to not add autoount a service account token [#1885](https://github.com/openshift/cluster-network-operator/pull/1885) * [OCPBUGS-19894](https://issues.redhat.com/browse/OCPBUGS-19894): remove prestop hooks for northd, sbdbd and nbdb [#2001](https://github.com/openshift/cluster-network-operator/pull/2001) * [OCPBUGS-18722](https://issues.redhat.com/browse/OCPBUGS-18722): IBMCloud specific: patch out management workload for dataplane component thats needed for bootstrapping [#1994](https://github.com/openshift/cluster-network-operator/pull/1994) * [OCPBUGS-18342](https://issues.redhat.com/browse/OCPBUGS-18342): Fix bond-cni's default directory in multus manifest [#1977](https://github.com/openshift/cluster-network-operator/pull/1977) * [OCPBUGS-13920](https://issues.redhat.com/browse/OCPBUGS-13920): add Hypershift release-image annotation to multus [#1817](https://github.com/openshift/cluster-network-operator/pull/1817) * [OCPBUGS-18099](https://issues.redhat.com/browse/OCPBUGS-18099): [release-4.13] Use encapsulation=true for IBM Cloud [#1932](https://github.com/openshift/cluster-network-operator/pull/1932) * [OCPBUGS-17721](https://issues.redhat.com/browse/OCPBUGS-17721): Enhance check controller to remove old check objects [#1950](https://github.com/openshift/cluster-network-operator/pull/1950) * [OCPBUGS-17457](https://issues.redhat.com/browse/OCPBUGS-17457): prevent creation of multiple cni-sysctl-allowlist-ds pods [#1936](https://github.com/openshift/cluster-network-operator/pull/1936) * [OCPBUGS-11539](https://issues.redhat.com/browse/OCPBUGS-11539): Hypershift: Add RollingUpdate parameters to multus-admission-controller [#1774](https://github.com/openshift/cluster-network-operator/pull/1774) * [OCPBUGS-15977](https://issues.redhat.com/browse/OCPBUGS-15977): Add logic to pick the openshift-sdn shims from right directories [#1880](https://github.com/openshift/cluster-network-operator/pull/1880) * [OCPBUGS-15962](https://issues.redhat.com/browse/OCPBUGS-15962): Add logic to pick the ovn-k8s-cni-overlay binary from the right dir [#1877](https://github.com/openshift/cluster-network-operator/pull/1877) * Change rhel7/8 to rhel8/9 [#1869](https://github.com/openshift/cluster-network-operator/pull/1869) * [OCPBUGS-15476](https://issues.redhat.com/browse/OCPBUGS-15476): Add release version annotation to whereabouts-reconciler [#1853](https://github.com/openshift/cluster-network-operator/pull/1853) * [OCPBUGS-15139](https://issues.redhat.com/browse/OCPBUGS-15139): Remove nodeSelector for architecture in whereabouts daemonset [#1840](https://github.com/openshift/cluster-network-operator/pull/1840) * [OCPBUGS-14871](https://issues.redhat.com/browse/OCPBUGS-14871): Do not rely on ControlPlaneTopology do determine if running in HyperShift [#1837](https://github.com/openshift/cluster-network-operator/pull/1837) * [OCPBUGS-13809](https://issues.redhat.com/browse/OCPBUGS-13809): Use `IfNotPresent` instead of `Always` in OVNK upgrades pre-puller [#1813](https://github.com/openshift/cluster-network-operator/pull/1813) * [OCPBUGS-14367](https://issues.redhat.com/browse/OCPBUGS-14367): High API requests due to allowlist and operconfig reconcilers running too often [#1824](https://github.com/openshift/cluster-network-operator/pull/1824) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/3ed6bef191d49ede92ab8f7f684826a1b7967928...257435702312e418be694f4b98b8fe89557030c6) ### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/4ce5b7501c27c6ced4f4b433c0e983766608e853) * [OCPBUGS-24353](https://issues.redhat.com/browse/OCPBUGS-24353): rps: cherry-picks of rps fixes (#865) [#865](https://github.com/openshift/cluster-node-tuning-operator/pull/865) * Disable HTTP/2 for webhook and metrics servers (#846) [#846](https://github.com/openshift/cluster-node-tuning-operator/pull/846) * Remove obsolete protocols and weak ciphers (#843) [#843](https://github.com/openshift/cluster-node-tuning-operator/pull/843) * [OCPBUGS-18493](https://issues.redhat.com/browse/OCPBUGS-18493): e2e: deflake IRQ load-balancing (#782) [#782](https://github.com/openshift/cluster-node-tuning-operator/pull/782) * Use RHEL9 as a base (#829) [#829](https://github.com/openshift/cluster-node-tuning-operator/pull/829) * [OCPBUGS-17943](https://issues.redhat.com/browse/OCPBUGS-17943): Add rtentsk plugin to pp tuned profile Signed-off-by: Brent Rowsell <browsell@redhat.com> (#796) [#796](https://github.com/openshift/cluster-node-tuning-operator/pull/796) * nto: avoid timeout when there are too many CSV (#818) [#818](https://github.com/openshift/cluster-node-tuning-operator/pull/818) * [OCPBUGS-19459](https://issues.redhat.com/browse/OCPBUGS-19459): check for object being nil (#820) [#820](https://github.com/openshift/cluster-node-tuning-operator/pull/820) * Add kubeconfig path for IBM Managed OpenShift (#814) [#814](https://github.com/openshift/cluster-node-tuning-operator/pull/814) * [OCPBUGS-14137](https://issues.redhat.com/browse/OCPBUGS-14137): e2e: perfprof: add SNO device recovery test (#653) (#806) [#653](https://github.com/openshift/cluster-node-tuning-operator/pull/653) * [OCPBUGS-18868](https://issues.redhat.com/browse/OCPBUGS-18868): [release-4.14] e2e: add expected max latancy to hwlatdetec test & rename constant (#788) (#808) [#788](https://github.com/openshift/cluster-node-tuning-operator/pull/788) * Sync DaemonSet if operand image changes (#786) [#786](https://github.com/openshift/cluster-node-tuning-operator/pull/786) * Revert "Revert "Release leader election on manager exit (#773)" (#797)" (#802) [#773](https://github.com/openshift/cluster-node-tuning-operator/pull/773) * [OCPBUGS-19351](https://issues.redhat.com/browse/OCPBUGS-19351): Keep Profile status.bootcmdline around (#803) [#803](https://github.com/openshift/cluster-node-tuning-operator/pull/803) * Revert "Release leader election on manager exit (#773)" (#797) [#773](https://github.com/openshift/cluster-node-tuning-operator/pull/773) * Release leader election on manager exit (#773) [#773](https://github.com/openshift/cluster-node-tuning-operator/pull/773) * Tighten the rules for modifying Tuned Profiles (#766) [#766](https://github.com/openshift/cluster-node-tuning-operator/pull/766) * [OCPBUGS-18063](https://issues.redhat.com/browse/OCPBUGS-18063): cgroup: Match the name of the cgroup to what is expected by kubelet (#774) [#774](https://github.com/openshift/cluster-node-tuning-operator/pull/774) * update tsc karg to tsc=reliable (#757) [#757](https://github.com/openshift/cluster-node-tuning-operator/pull/757) * [OCPBUGS-17845](https://issues.redhat.com/browse/OCPBUGS-17845): deflake ht aware test (#763) [#763](https://github.com/openshift/cluster-node-tuning-operator/pull/763) * [OCPBUGS-17794](https://issues.redhat.com/browse/OCPBUGS-17794): rps: use default rps mask kernel API (#760) [#760](https://github.com/openshift/cluster-node-tuning-operator/pull/760) * Improve render error handling (#755) [#755](https://github.com/openshift/cluster-node-tuning-operator/pull/755) * nto:tuned: remove sched_min_granularity_ns settings (#726) [#726](https://github.com/openshift/cluster-node-tuning-operator/pull/726) * Fix a race in e2e test rollback.go code (#740) [#740](https://github.com/openshift/cluster-node-tuning-operator/pull/740) * E2E: Add memory manager sanity test case (#573) (#695) [#573](https://github.com/openshift/cluster-node-tuning-operator/pull/573) * e2e: latency testing: increase the expected threshold (#709) [#709](https://github.com/openshift/cluster-node-tuning-operator/pull/709) * Do not rollback settings on TuneD exit (#704) [#704](https://github.com/openshift/cluster-node-tuning-operator/pull/704) * Switch to rslave/HostToContainer volume mount propagation (#705) [#705](https://github.com/openshift/cluster-node-tuning-operator/pull/705) * e2e: perf-prof: disable truncating gomega output (#707) [#707](https://github.com/openshift/cluster-node-tuning-operator/pull/707) * [OCPBUGS-14895](https://issues.redhat.com/browse/OCPBUGS-14895): Do not fail creating cgroups if they exist already (#684) [#684](https://github.com/openshift/cluster-node-tuning-operator/pull/684) * [OCPBUGS-14331](https://issues.redhat.com/browse/OCPBUGS-14331): Fix updating numa core siblings map in GetCpuSiblings function (#669) [#669](https://github.com/openshift/cluster-node-tuning-operator/pull/669) * render: remove uid from render-sync target (#594) (#609) [#594](https://github.com/openshift/cluster-node-tuning-operator/pull/594) * Remove cpu-quota.crio.io: disable annotation (#670) [#670](https://github.com/openshift/cluster-node-tuning-operator/pull/670) * Add PerformanceProfiles to 'oc adm must-gather' (#657) [#657](https://github.com/openshift/cluster-node-tuning-operator/pull/657) * [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/7333da210d37eedcb3e1829bce5f6136d006d12d...4ce5b7501c27c6ced4f4b433c0e983766608e853) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/9abb220ac11f370f323f2c248d3ee377394c88b8) * : OCPBUGS-20707: bump library-go to include switch to HTTP/1.1 [#555](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/555) * [OCPBUGS-22210](https://issues.redhat.com/browse/OCPBUGS-22210): increase timeout for probes [#553](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/553) * [OCPBUGS-13763](https://issues.redhat.com/browse/OCPBUGS-13763): dont log tokens [#541](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/541) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/aaa3cec4118d3743fd15f6197e348e86f7e48c7d...9abb220ac11f370f323f2c248d3ee377394c88b8) ### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/d2818fb5a41defcf3af577fa4cb0a247700ce44a) * [OCPBUGS-20796](https://issues.redhat.com/browse/OCPBUGS-20796): bump(k8s,openshift) to address CVE-2023-44487 [#310](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/310) * [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/9a8aba8cad6491a31e743a7e366d758351482d88...d2818fb5a41defcf3af577fa4cb0a247700ce44a) ### [cluster-platform-operators-manager](https://github.com/openshift/platform-operators/tree/312c5f24b5711a764350de899b83443a87296983) * [OCPBUGS-20998](https://issues.redhat.com/browse/OCPBUGS-20998): [release-4.13] Bump golang.org/x/net to v0.17.0 [#97](https://github.com/openshift/platform-operators/pull/97) * [Full changelog](https://github.com/openshift/platform-operators/compare/471a80685581ff95fec3bee818f6ee409836eb8e...312c5f24b5711a764350de899b83443a87296983) ### [cluster-policy-controller](https://github.com/openshift/cluster-policy-controller/tree/3b0d075530fdbfdacdfe574151a3313f5231459c) * [OCPBUGS-21103](https://issues.redhat.com/browse/OCPBUGS-21103): Bump deps to address CVE-2023-44487 [4.13] [#135](https://github.com/openshift/cluster-policy-controller/pull/135) * [OCPBUGS-14091](https://issues.redhat.com/browse/OCPBUGS-14091): [4.13] fix ClusterResourceQuotas to work for all api resources including custom resources [#116](https://github.com/openshift/cluster-policy-controller/pull/116) * [Full changelog](https://github.com/openshift/cluster-policy-controller/compare/4aa5ecd04fa2a35a5ae07a13707bd2e0239432a9...3b0d075530fdbfdacdfe574151a3313f5231459c) ### [cluster-samples-operator](https://github.com/openshift/cluster-samples-operator/tree/bcc08e9609e9c39d212857efd27d67753c64d91e) * [OCPBUGS-22390](https://issues.redhat.com/browse/OCPBUGS-22390): Sync library to remove invalid dockerhub references for OKD [#521](https://github.com/openshift/cluster-samples-operator/pull/521) * [OCPBUGS-15756](https://issues.redhat.com/browse/OCPBUGS-15756): Update Jenkins and Jenkins Agent Base image versions [#505](https://github.com/openshift/cluster-samples-operator/pull/505) * [OCPBUGS-14598](https://issues.redhat.com/browse/OCPBUGS-14598): Updating to use Jenkins 4.13 images [#503](https://github.com/openshift/cluster-samples-operator/pull/503) * [Full changelog](https://github.com/openshift/cluster-samples-operator/compare/318d124ed3bcde76cbe960f6bef203728e34d1c6...bcc08e9609e9c39d212857efd27d67753c64d91e) ### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/5cd56c344f5aae7ce53f1301115e247a1fd6fed5) * [OCPBUGS-21284](https://issues.redhat.com/browse/OCPBUGS-21284): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#406](https://github.com/openshift/cluster-storage-operator/pull/406) * [OCPBUGS-18132](https://issues.redhat.com/browse/OCPBUGS-18132): Add patch for allowing configmap updates via clusterrole [#396](https://github.com/openshift/cluster-storage-operator/pull/396) * [OCPBUGS-19036](https://issues.redhat.com/browse/OCPBUGS-19036): Fix PodStartupStorageOperationsFailing alert [#397](https://github.com/openshift/cluster-storage-operator/pull/397) * [OCPBUGS-15378](https://issues.redhat.com/browse/OCPBUGS-15378): decrease severity for MultipleDefaultStorageClasses alert [#383](https://github.com/openshift/cluster-storage-operator/pull/383) * [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/6479617c1e9e92cc664d0e8c26ba62191320f4e4...5cd56c344f5aae7ce53f1301115e247a1fd6fed5) ### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/5b725937d51e9f089c3f99e27e4ee77a6d2cbbcd) * Adding the new CI Signer public key [#50](https://github.com/openshift/cluster-update-keys/pull/50) * [Full changelog](https://github.com/openshift/cluster-update-keys/compare/2796e1732615521e818be82663058e0a3f1b3941...5b725937d51e9f089c3f99e27e4ee77a6d2cbbcd) ### [cluster-version-operator](https://github.com/openshift/cluster-version-operator/tree/24517b23286b636f50390f9167b41b84da8514cf) * [OCPBUGS-27049](https://issues.redhat.com/browse/OCPBUGS-27049): pkg/cvo/availableupdates: Only bump LastAttempt on Cincinnati pulls [#1019](https://github.com/openshift/cluster-version-operator/pull/1019) * [OCPBUGS-20744](https://issues.redhat.com/browse/OCPBUGS-20744): [4.13] Bump http-related deps [#989](https://github.com/openshift/cluster-version-operator/pull/989) * [OCPBUGS-19472](https://issues.redhat.com/browse/OCPBUGS-19472): Reconcile Volumes in SCCs and flag Upgradeable=False when detecting modified SCC [#969](https://github.com/openshift/cluster-version-operator/pull/969) * [OCPBUGS-20321](https://issues.redhat.com/browse/OCPBUGS-20321): pkg/cvo/sync_worker: Always enable the DeploymentConfig capability [#981](https://github.com/openshift/cluster-version-operator/pull/981) * [OCPBUGS-19828](https://issues.redhat.com/browse/OCPBUGS-19828): pkg/clusterconditions/promql: Warm cache with 1s delay [#974](https://github.com/openshift/cluster-version-operator/pull/974) * [OCPBUGS-20263](https://issues.redhat.com/browse/OCPBUGS-20263): pkg/clusterconditions/cache: Avoid panic on all-fresh-cache evaluation [#980](https://github.com/openshift/cluster-version-operator/pull/980) * [OCPBUGS-16613](https://issues.redhat.com/browse/OCPBUGS-16613): Add admin-gate ack-4.13-kube-1.27-api-removals-in-4.14 [#948](https://github.com/openshift/cluster-version-operator/pull/948) * [Full changelog](https://github.com/openshift/cluster-version-operator/compare/e08a27913bc6c6d0ca0663dc131d1183773cca10...24517b23286b636f50390f9167b41b84da8514cf) ### [console](https://github.com/openshift/console/tree/80468e2e8b043d131d312f8bde5a1420e736ef1f) * [OCPBUGS-29063](https://issues.redhat.com/browse/OCPBUGS-29063): add additional check to determine if file is binary [#13579](https://github.com/openshift/console/pull/13579) * [OCPBUGS-28788](https://issues.redhat.com/browse/OCPBUGS-28788): Copy response code from proxied plugin requests [#13561](https://github.com/openshift/console/pull/13561) * [OCPBUGS-29243](https://issues.redhat.com/browse/OCPBUGS-29243): Add a new allowInsecure option to the internet proxy [#13593](https://github.com/openshift/console/pull/13593) * [OCPBUGS-27406](https://issues.redhat.com/browse/OCPBUGS-27406): Add Pipeline metrics tab using plugin [#13525](https://github.com/openshift/console/pull/13525) * [OCPBUGS-23483](https://issues.redhat.com/browse/OCPBUGS-23483): add access to create, edit and delete silences for developer user from developer perspective [#13349](https://github.com/openshift/console/pull/13349) * [OCPBUGS-25427](https://issues.redhat.com/browse/OCPBUGS-25427): Fix plugin proxy handler [#13449](https://github.com/openshift/console/pull/13449) * [OCPBUGS-25465](https://issues.redhat.com/browse/OCPBUGS-25465): fix runtime error on Node details Overview when Machin… [#13452](https://github.com/openshift/console/pull/13452) * [OCPBUGS-25146](https://issues.redhat.com/browse/OCPBUGS-25146): add access review for impersonate [#13437](https://github.com/openshift/console/pull/13437) * [OCPBUGS-24591](https://issues.redhat.com/browse/OCPBUGS-24591): ConsolePlugin metrics must no longer be grouped by the vendor [#13424](https://github.com/openshift/console/pull/13424) * [OCPBUGS-22241](https://issues.redhat.com/browse/OCPBUGS-22241): Save also the location.search and .hash values in localStorage to restore them after login [#13271](https://github.com/openshift/console/pull/13271) * [OCPBUGS-24240](https://issues.redhat.com/browse/OCPBUGS-24240): Subsequent PipelineRuns take initial PipelineRun name into account [#13385](https://github.com/openshift/console/pull/13385) * [OCPBUGS-23497](https://issues.redhat.com/browse/OCPBUGS-23497): Cannot Edit Shipwright Build [#13352](https://github.com/openshift/console/pull/13352) * [OCPBUGS-11316](https://issues.redhat.com/browse/OCPBUGS-11316): Fix description for BuildAdapter SDK extension [#12703](https://github.com/openshift/console/pull/12703) * [OCPBUGS-22986](https://issues.redhat.com/browse/OCPBUGS-22986): Correct logout process [#13310](https://github.com/openshift/console/pull/13310) * [OCPBUGS-23065](https://issues.redhat.com/browse/OCPBUGS-23065): remove expandable toggle for conditional update risk d… [#13316](https://github.com/openshift/console/pull/13316) * [OCPBUGS-22784](https://issues.redhat.com/browse/OCPBUGS-22784): add support for new features annotations while preservi… [#13299](https://github.com/openshift/console/pull/13299) * [OCPBUGS-19532](https://issues.redhat.com/browse/OCPBUGS-19532): use active namespace in Create cta href of create action for operator backed [#13179](https://github.com/openshift/console/pull/13179) * [OCPBUGS-18271](https://issues.redhat.com/browse/OCPBUGS-18271): update the KnativeServing API version to v1beta1 for global-config extension [#13112](https://github.com/openshift/console/pull/13112) * [OCPBUGS-20232](https://issues.redhat.com/browse/OCPBUGS-20232): show all the legends for Pipeline metrics in PipelineRun TaskRun Duration chart [#13224](https://github.com/openshift/console/pull/13224) * [OCPBUGS-20231](https://issues.redhat.com/browse/OCPBUGS-20231): fetch TaskRuns without selector and reduces the get TaskRuns requests [#13223](https://github.com/openshift/console/pull/13223) * [OCPBUGS-20330](https://issues.redhat.com/browse/OCPBUGS-20330): Check if filtered object contains name property [#13227](https://github.com/openshift/console/pull/13227) * [OCPBUGS-13285](https://issues.redhat.com/browse/OCPBUGS-13285): add multipath device type to LocalVolumeSet [#12804](https://github.com/openshift/console/pull/12804) * [OCPBUGS-17481](https://issues.redhat.com/browse/OCPBUGS-17481): Fix that "Delete application" doesn't work in topology when Pipelines operator is not installed [#13083](https://github.com/openshift/console/pull/13083) * [OCPBUGS-18764](https://issues.redhat.com/browse/OCPBUGS-18764): Fixed Edit Application form for Knative Services [#13147](https://github.com/openshift/console/pull/13147) * [OCPBUGS-18538](https://issues.redhat.com/browse/OCPBUGS-18538): OCP console mandate secret for repository creation [#13135](https://github.com/openshift/console/pull/13135) * [OCPBUGS-18679](https://issues.redhat.com/browse/OCPBUGS-18679): [knative] Don't rely on openshift/hello-openshift as a sample image [#13140](https://github.com/openshift/console/pull/13140) * [OCPBUGS-18289](https://issues.redhat.com/browse/OCPBUGS-18289): Not able to import the repository with .tekton directory and func.yaml file present [#13116](https://github.com/openshift/console/pull/13116) * [OCPBUGS-18443](https://issues.redhat.com/browse/OCPBUGS-18443): Fix crash when filtering the quick start catalog [#13127](https://github.com/openshift/console/pull/13127) * [OCPBUGS-18312](https://issues.redhat.com/browse/OCPBUGS-18312): Web console slowness on Project>Project access page [#13119](https://github.com/openshift/console/pull/13119) * [OCPBUGS-18335](https://issues.redhat.com/browse/OCPBUGS-18335): Fix DeploymentConfig list performance issues by lazy loading their ReplicationControllers [#13120](https://github.com/openshift/console/pull/13120) * [OCPBUGS-17876](https://issues.redhat.com/browse/OCPBUGS-17876): Fix topology crash when a console.topology/data/factory extension tries to resolve a resource with version from the CRDs which doesn't exists [#13095](https://github.com/openshift/console/pull/13095) * [OCPBUGS-16668](https://issues.redhat.com/browse/OCPBUGS-16668): Dynamic plugin translation support for plurals broken [#13041](https://github.com/openshift/console/pull/13041) * [OCPBUGS-17181](https://issues.redhat.com/browse/OCPBUGS-17181): Creation of GH webhook and attaching it to repo while importing from git using PAC [#13060](https://github.com/openshift/console/pull/13060) * [OCPBUGS-16040](https://issues.redhat.com/browse/OCPBUGS-16040): fix bug where binary secret values are corrupted on edit and add test coverage [#13048](https://github.com/openshift/console/pull/13048) * [OCPBUGS-16659](https://issues.redhat.com/browse/OCPBUGS-16659): Fix RTE in bridge. [#13038](https://github.com/openshift/console/pull/13038) * [OCPBUGS-16158](https://issues.redhat.com/browse/OCPBUGS-16158): "Duplicate RoleBinding" leads to "Unsupported value" error [#13008](https://github.com/openshift/console/pull/13008) * [OCPBUGS-16434](https://issues.redhat.com/browse/OCPBUGS-16434): Fix stop PLR option [#13031](https://github.com/openshift/console/pull/13031) * [OCPBUGS-14265](https://issues.redhat.com/browse/OCPBUGS-14265): Regression: OpenShift Console no-longer filters SecretList when displaying ServiceAccount [#12865](https://github.com/openshift/console/pull/12865) * [OCPBUGS-13641](https://issues.redhat.com/browse/OCPBUGS-13641): Do not fetch catalog sources on CSV or Subscription details pages. [#12811](https://github.com/openshift/console/pull/12811) * [OCPBUGS-16421](https://issues.redhat.com/browse/OCPBUGS-16421): When removing the project owner from the project in GUI, instead of that user, the group (the default group added as project admin through the project template) will be removed. [#13030](https://github.com/openshift/console/pull/13030) * [OCPBUGS-15998](https://issues.redhat.com/browse/OCPBUGS-15998): Upload JAR file does not work if the Cluster Samples Operator is disabled [#12992](https://github.com/openshift/console/pull/12992) * [OCPBUGS-15810](https://issues.redhat.com/browse/OCPBUGS-15810): only show pipelines doc link for downstream [#12981](https://github.com/openshift/console/pull/12981) * [OCPBUGS-15982](https://issues.redhat.com/browse/OCPBUGS-15982): get Kamelets from the camel-k-operator namespace as well [#12988](https://github.com/openshift/console/pull/12988) * [OCPBUGS-16244](https://issues.redhat.com/browse/OCPBUGS-16244): Fix operator backed catalog page when copied CSVs disabled [#13019](https://github.com/openshift/console/pull/13019) * [OCPBUGS-15194](https://issues.redhat.com/browse/OCPBUGS-15194): Remove tech preview badge from Pipeline repository pages [#12916](https://github.com/openshift/console/pull/12916) * [OCPBUGS-10326](https://issues.redhat.com/browse/OCPBUGS-10326): re-enable operator-install-single-namespace.spec.ts test [#12653](https://github.com/openshift/console/pull/12653) * [OCPBUGS-15848](https://issues.redhat.com/browse/OCPBUGS-15848): The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values. [#12976](https://github.com/openshift/console/pull/12976) * [OCPBUGS-15890](https://issues.redhat.com/browse/OCPBUGS-15890): Use proxy with web socket connection and monitoring dashboard [#12978](https://github.com/openshift/console/pull/12978) * [OCPBUGS-15720](https://issues.redhat.com/browse/OCPBUGS-15720), [OCPBUGS-15721](https://issues.redhat.com/browse/OCPBUGS-15721), [OCPBUGS-15722](https://issues.redhat.com/browse/OCPBUGS-15722): Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions [#12963](https://github.com/openshift/console/pull/12963) * [OCPBUGS-14426](https://issues.redhat.com/browse/OCPBUGS-14426): account for single object in status.conditions instead… [#12875](https://github.com/openshift/console/pull/12875) * [OCPBUGS-14267](https://issues.redhat.com/browse/OCPBUGS-14267): Add Pipeline metrics unsupported empty page [#12864](https://github.com/openshift/console/pull/12864) * [OCPBUGS-15410](https://issues.redhat.com/browse/OCPBUGS-15410): Add Git Repository (PAC) doesn't setup GitLab and Bitbucket configuration correct [#12936](https://github.com/openshift/console/pull/12936) * [OCPBUGS-15787](https://issues.redhat.com/browse/OCPBUGS-15787): Remove access review check for PipelineResource from Pipeline section [#12967](https://github.com/openshift/console/pull/12967) * [OCPBUGS-15228](https://issues.redhat.com/browse/OCPBUGS-15228): Create helm release page doesn't show a YAML editor when schema isn't available (httpd-imagestreams chart) [#12937](https://github.com/openshift/console/pull/12937) * [release 4.13] OCPBUGS-15360: Serverless functions UI warning is misleading [#12931](https://github.com/openshift/console/pull/12931) * [OCPBUGS-14166](https://issues.redhat.com/browse/OCPBUGS-14166): Fixed Make Serverless Form Error [#12857](https://github.com/openshift/console/pull/12857) * [OCPBUGS-14336](https://issues.redhat.com/browse/OCPBUGS-14336): use service port name instead targetPort in the Pipeline Event listener route [#12870](https://github.com/openshift/console/pull/12870) * [OCPBUGS-14310](https://issues.redhat.com/browse/OCPBUGS-14310): Could not import multiple resources via JSON (while YAML supports this) [#12868](https://github.com/openshift/console/pull/12868) * [OCPBUGS-15335](https://issues.redhat.com/browse/OCPBUGS-15335): Delete annotation 'tekton.dev/v1beta1TaskRuns' when rerun the PLR [#12927](https://github.com/openshift/console/pull/12927) * [OCPBUGS-15130](https://issues.redhat.com/browse/OCPBUGS-15130): Helm Repository "Edit" button results in 404 [#12909](https://github.com/openshift/console/pull/12909) * [OCPBUGS-14189](https://issues.redhat.com/browse/OCPBUGS-14189): Corrected Labels for resolving the bug related to the Create Route Checkbox [#12858](https://github.com/openshift/console/pull/12858) * [OCPBUGS-13642](https://issues.redhat.com/browse/OCPBUGS-13642): Fix OLM k8sResourcePrefix descriptor dropdown behavior [#12812](https://github.com/openshift/console/pull/12812) * [OCPBUGS-11974](https://issues.redhat.com/browse/OCPBUGS-11974): Add page title to Devconsole pages [#12844](https://github.com/openshift/console/pull/12844) * [OCPBUGS-15465](https://issues.redhat.com/browse/OCPBUGS-15465), [OCPBUGS-15481](https://issues.redhat.com/browse/OCPBUGS-15481): Remove PipelineResource CRD check because it's not installed with PO 1.11 anymore and disable operator-uninstall test [#12949](https://github.com/openshift/console/pull/12949) * [OCPBUGS-14943](https://issues.redhat.com/browse/OCPBUGS-14943): visiting Configurations page returns error Cannot read… [#12897](https://github.com/openshift/console/pull/12897) * [OCPBUGS-12785](https://issues.redhat.com/browse/OCPBUGS-12785): Project admin can update and view subscription from operator details page [#12780](https://github.com/openshift/console/pull/12780) * [OCPBUGS-14574](https://issues.redhat.com/browse/OCPBUGS-14574): only copy workload annotations to debug pod [#12879](https://github.com/openshift/console/pull/12879) * [OCPBUGS-14258](https://issues.redhat.com/browse/OCPBUGS-14258): Add vSphere cluster field. [#12862](https://github.com/openshift/console/pull/12862) * [OCPBUGS-14195](https://issues.redhat.com/browse/OCPBUGS-14195): Topology UI doesn't recognize Serverless Rust function for proper UI icon [#12860](https://github.com/openshift/console/pull/12860) * [OCPBUGS-10527](https://issues.redhat.com/browse/OCPBUGS-10527): When there are 2 pipelines displayed in the dropdown menu, selecting one, unchecks the Add Pipeline checkbox [#12658](https://github.com/openshift/console/pull/12658) * [OCPBUGS-14165](https://issues.redhat.com/browse/OCPBUGS-14165): propagate labels to pipeline resources [#12856](https://github.com/openshift/console/pull/12856) * [Full changelog](https://github.com/openshift/console/compare/6f58e088705d4c66e10b1d418a115e295fa5ac7b...80468e2e8b043d131d312f8bde5a1420e736ef1f) ### [console-operator](https://github.com/openshift/console-operator/tree/b3dea8462dbb7e7d5ca6a67c932640e7710c99d4) * [OCPBUGS-30599](https://issues.redhat.com/browse/OCPBUGS-30599): Disable HTTP/2 for webhook [#875](https://github.com/openshift/console-operator/pull/875) * [OCPBUGS-21008](https://issues.redhat.com/browse/OCPBUGS-21008): [release-4.13] Bump library-go and golang.org/x/net [#866](https://github.com/openshift/console-operator/pull/866) * [OCPBUGS-6208](https://issues.redhat.com/browse/OCPBUGS-6208): Updating openshift-enterprise-console-operator images to be consistent with ART [#872](https://github.com/openshift/console-operator/pull/872) * [OCPBUGS-24591](https://issues.redhat.com/browse/OCPBUGS-24591): ConsolePlugin metrics must no longer be grouped by the vendor [#821](https://github.com/openshift/console-operator/pull/821) * [OCPBUGS-22333](https://issues.redhat.com/browse/OCPBUGS-22333): Make enabled plugins unique [#805](https://github.com/openshift/console-operator/pull/805) * [OCPBUGS-18972](https://issues.redhat.com/browse/OCPBUGS-18972): Manual backport of #761 [#793](https://github.com/openshift/console-operator/pull/793) * [OCPBUGS-18192](https://issues.redhat.com/browse/OCPBUGS-18192): Add haproxy timeout annotation to console routes [#787](https://github.com/openshift/console-operator/pull/787) * [OCPBUGS-16241](https://issues.redhat.com/browse/OCPBUGS-16241): Add missing watch permission for helm-chartrepos-viewers [#778](https://github.com/openshift/console-operator/pull/778) * [OCPBUGS-14039](https://issues.redhat.com/browse/OCPBUGS-14039): Backport #774 and #763 [#779](https://github.com/openshift/console-operator/pull/779) * [Full changelog](https://github.com/openshift/console-operator/compare/c5f3b24448f6a7bf5dd5d145008df85e04ec5968...b3dea8462dbb7e7d5ca6a67c932640e7710c99d4) ### [container-networking-plugins](https://github.com/openshift/containernetworking-plugins/tree/614ca3c35e1847f38f0f427c04a064cd31ac5002) * [OCPBUGS-20594](https://issues.redhat.com/browse/OCPBUGS-20594): build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.13] [#130](https://github.com/openshift/containernetworking-plugins/pull/130) * [OCPBUGS-17728](https://issues.redhat.com/browse/OCPBUGS-17728): Default CNI binaries to RHEL 8 [#117](https://github.com/openshift/containernetworking-plugins/pull/117) * Add rhel9 binary [#102](https://github.com/openshift/containernetworking-plugins/pull/102) * [Full changelog](https://github.com/openshift/containernetworking-plugins/compare/4655073266cb14756783bb06378224048f0dd3e3...614ca3c35e1847f38f0f427c04a064cd31ac5002) ### [coredns](https://github.com/openshift/coredns/tree/298d919368ea0e5cca548354aa78c6e98044b09d) * [OCPBUGS-28205](https://issues.redhat.com/browse/OCPBUGS-28205): UPSTREAM: 6277: openshift: Fix OCPBUGS-28205 [#113](https://github.com/openshift/coredns/pull/113) * [OCPBUGS-21046](https://issues.redhat.com/browse/OCPBUGS-21046): UPSTREAM: <carry>: openshift: Address CVE-2023-39325 [#102](https://github.com/openshift/coredns/pull/102) * [OCPBUGS-19985](https://issues.redhat.com/browse/OCPBUGS-19985): UPSTREAM: <carry>: openshift: Fix OCPBUGS-19985 [#97](https://github.com/openshift/coredns/pull/97) * [Full changelog](https://github.com/openshift/coredns/compare/5560e4ad8c343c211f0b2f9d85ce7331b20b87cb...298d919368ea0e5cca548354aa78c6e98044b09d) ### [csi-driver-manila, openstack-cinder-csi-driver, openstack-cloud-controller-manager](https://github.com/openshift/cloud-provider-openstack/tree/c3b7d2f5d7b6be7353edffd811fcd55e8bf0af32) * Switch to a new CI [#2444](https://github.com/openshift/cloud-provider-openstack/pull/2444) * update tags to v1.26.1 [#2119](https://github.com/openshift/cloud-provider-openstack/pull/2119) * update tags to v1.26.0 release [#2070](https://github.com/openshift/cloud-provider-openstack/pull/2070) * [Full changelog](https://github.com/openshift/cloud-provider-openstack/compare/af5c48da935694ed5263a5a163318b52564977df...c3b7d2f5d7b6be7353edffd811fcd55e8bf0af32) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/596a53c8fb79eddf85bad8deb504536adf228128) * [OCPBUGS-26224](https://issues.redhat.com/browse/OCPBUGS-26224): Fix selector for manila-csi-driver-controller-metrics service [#224](https://github.com/openshift/csi-driver-manila-operator/pull/224) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#195](https://github.com/openshift/csi-driver-manila-operator/pull/195) * [OCPBUGS-17160](https://issues.redhat.com/browse/OCPBUGS-17160): Don't cache OpenStack client [#196](https://github.com/openshift/csi-driver-manila-operator/pull/196) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/e540ced4cc5deba7ce3309931d797fe9eb8b9573...596a53c8fb79eddf85bad8deb504536adf228128) ### [csi-driver-shared-resource, csi-driver-shared-resource-webhook](https://github.com/openshift/csi-driver-shared-resource/tree/01bbb23b627835354f6177b4b44cfc50bd6d9a2e) * [OCPBUGS-28953](https://issues.redhat.com/browse/OCPBUGS-28953): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#168](https://github.com/openshift/csi-driver-shared-resource/pull/168) * [OCPBUGS-23116](https://issues.redhat.com/browse/OCPBUGS-23116): Should reference configmaps instead of secrets [#153](https://github.com/openshift/csi-driver-shared-resource/pull/153) * [OCPBUGS-20719](https://issues.redhat.com/browse/OCPBUGS-20719): bump golang.org/x/net to v0.17.0 [#147](https://github.com/openshift/csi-driver-shared-resource/pull/147) * [OCPBUGS-12484](https://issues.redhat.com/browse/OCPBUGS-12484), [OCPBUGS-12527](https://issues.redhat.com/browse/OCPBUGS-12527), [OCPBUGS-14505](https://issues.redhat.com/browse/OCPBUGS-14505): Mitigating CVE-2022-41723 [#140](https://github.com/openshift/csi-driver-shared-resource/pull/140) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource/compare/d4685ceb2b13ac6ce60e1b7997a99dea7173649d...01bbb23b627835354f6177b4b44cfc50bd6d9a2e) ### [csi-driver-shared-resource-operator](https://github.com/openshift/csi-driver-shared-resource-operator/tree/bc169d2d8d1cd128770d2202c6cc00e5328e4e73) * [OCPBUGS-28958](https://issues.redhat.com/browse/OCPBUGS-28958): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#104](https://github.com/openshift/csi-driver-shared-resource-operator/pull/104) * [OCPBUGS-20806](https://issues.redhat.com/browse/OCPBUGS-20806): bump golang.org/x/net to v0.17.0 [#87](https://github.com/openshift/csi-driver-shared-resource-operator/pull/87) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource-operator/compare/318c84a5cd3ffa9d92d7e7bf6c8dc4008dc132cf...bc169d2d8d1cd128770d2202c6cc00e5328e4e73) ### [csi-external-attacher](https://github.com/openshift/csi-external-attacher/tree/d92908438817984fc47558fdaa03805d8c3b256c) * [OCPBUGS-21161](https://issues.redhat.com/browse/OCPBUGS-21161): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#61](https://github.com/openshift/csi-external-attacher/pull/61) * [OCPBUGS-16637](https://issues.redhat.com/browse/OCPBUGS-16637): [release-4.13] UPSTREAM: 415: fix: CVE-2022-41723 [#56](https://github.com/openshift/csi-external-attacher/pull/56) * [Full changelog](https://github.com/openshift/csi-external-attacher/compare/335d78a21fd46fc7faea74b7716f66f112da8eaf...d92908438817984fc47558fdaa03805d8c3b256c) ### [csi-external-provisioner](https://github.com/openshift/csi-external-provisioner/tree/0bf126b77a721ddaa4706fcb41f8b7be8d292492) * [OCPBUGS-20759](https://issues.redhat.com/browse/OCPBUGS-20759): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#73](https://github.com/openshift/csi-external-provisioner/pull/73) * [OCPBUGS-16609](https://issues.redhat.com/browse/OCPBUGS-16609): [release-4.13] UPSTREAM: 880: Bump golang.org/x/net [#67](https://github.com/openshift/csi-external-provisioner/pull/67) * [Full changelog](https://github.com/openshift/csi-external-provisioner/compare/0dc83f5f1bd118247eaf0f91030c321da9c88aa3...0bf126b77a721ddaa4706fcb41f8b7be8d292492) ### [csi-external-resizer](https://github.com/openshift/csi-external-resizer/tree/e8036caff2482648a18c1ac776cf9d2474569d10) * [OCPBUGS-20908](https://issues.redhat.com/browse/OCPBUGS-20908): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#148](https://github.com/openshift/csi-external-resizer/pull/148) * [OCPBUGS-16639](https://issues.redhat.com/browse/OCPBUGS-16639): [release-4.13] UPSTREAM: 268: Bump golang.org/x/net [#143](https://github.com/openshift/csi-external-resizer/pull/143) * [Full changelog](https://github.com/openshift/csi-external-resizer/compare/3b2067091212995ce901d65504e794177632c55c...e8036caff2482648a18c1ac776cf9d2474569d10) ### [csi-external-snapshotter, csi-snapshot-controller, csi-snapshot-validation-webhook](https://github.com/openshift/csi-external-snapshotter/tree/c8a7a097f68b37ad06a87a4b5c480daeab45be85) * [OCPBUGS-29728](https://issues.redhat.com/browse/OCPBUGS-29728): cherry-pick:release-4.13: OCPBUGS-29244 Update VolumeSnapshot and VolumeSnapshotContent using JSON patch [#141](https://github.com/openshift/csi-external-snapshotter/pull/141) * [OCPBUGS-21011](https://issues.redhat.com/browse/OCPBUGS-21011): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#110](https://github.com/openshift/csi-external-snapshotter/pull/110) * [OCPBUGS-16638](https://issues.redhat.com/browse/OCPBUGS-16638): [release-4.13] UPSTREAM: 815: updated go module files [#103](https://github.com/openshift/csi-external-snapshotter/pull/103) * [Full changelog](https://github.com/openshift/csi-external-snapshotter/compare/e7114303c69b82fec51ab65ba15ec7b58be3b12f...c8a7a097f68b37ad06a87a4b5c480daeab45be85) ### [csi-livenessprobe](https://github.com/openshift/csi-livenessprobe/tree/3587db51b8a672a2d3be2ac48ea107e474f33402) * [OCPBUGS-20636](https://issues.redhat.com/browse/OCPBUGS-20636): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#51](https://github.com/openshift/csi-livenessprobe/pull/51) * [OCPBUGS-16600](https://issues.redhat.com/browse/OCPBUGS-16600): [release-4.13] UPSTREAM: 179: fix: CVE-2022-41723 [#46](https://github.com/openshift/csi-livenessprobe/pull/46) * [Full changelog](https://github.com/openshift/csi-livenessprobe/compare/c785aa6755bf96a4d39b4a804b7a826485965227...3587db51b8a672a2d3be2ac48ea107e474f33402) ### [csi-node-driver-registrar](https://github.com/openshift/csi-node-driver-registrar/tree/9ea90f34485500a525fcaad3d79ee82a41402d47) * [OCPBUGS-20686](https://issues.redhat.com/browse/OCPBUGS-20686): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#53](https://github.com/openshift/csi-node-driver-registrar/pull/53) * [OCPBUGS-16608](https://issues.redhat.com/browse/OCPBUGS-16608): [release-4.13] UPSTREAM: 284: Bump golang.org/x/net [#48](https://github.com/openshift/csi-node-driver-registrar/pull/48) * [Full changelog](https://github.com/openshift/csi-node-driver-registrar/compare/ee27c345e10faa88b1cf6436ac7922a7e5318a18...9ea90f34485500a525fcaad3d79ee82a41402d47) ### [docker-builder](https://github.com/openshift/builder/tree/0155fb1876cd809c97b46dff0660931046ab6076) * [OCPBUGS-22468](https://issues.redhat.com/browse/OCPBUGS-22468): [release-4.13] Bump github.com/sigstore/rekor [#374](https://github.com/openshift/builder/pull/374) * [OCPBUGS-23021](https://issues.redhat.com/browse/OCPBUGS-23021): Add -p flag to cp command to preserve timestamps [#371](https://github.com/openshift/builder/pull/371) * [OCPBUGS-20709](https://issues.redhat.com/browse/OCPBUGS-20709): [release-4.13] Bump golang.org/x/net [#363](https://github.com/openshift/builder/pull/363) * [OCPBUGS-15606](https://issues.redhat.com/browse/OCPBUGS-15606): Add the git-lfs package [#352](https://github.com/openshift/builder/pull/352) * [OCPBUGS-10002](https://issues.redhat.com/browse/OCPBUGS-10002), [OCPBUGS-8159](https://issues.redhat.com/browse/OCPBUGS-8159), [OCPBUGS-8191](https://issues.redhat.com/browse/OCPBUGS-8191): Mitigate CVE-2023-26054 [#348](https://github.com/openshift/builder/pull/348) * [Full changelog](https://github.com/openshift/builder/compare/72c106db1fbdec85f02477b86b02ca3dd8a873c6...0155fb1876cd809c97b46dff0660931046ab6076) ### [docker-registry](https://github.com/openshift/image-registry/tree/47a15ac8b7233bb1de44c1364bbd787de2edaaf0) * [OCPBUGS-19655](https://issues.redhat.com/browse/OCPBUGS-19655): increase rest.Config QPS and Burst [#383](https://github.com/openshift/image-registry/pull/383) * [OCPBUGS-18321](https://issues.redhat.com/browse/OCPBUGS-18321): bump docker-distribution [#376](https://github.com/openshift/image-registry/pull/376) * [Full changelog](https://github.com/openshift/image-registry/compare/f414ba7310818c39af1eaf8239e056cb6f146128...47a15ac8b7233bb1de44c1364bbd787de2edaaf0) ### [egress-router-cni](https://github.com/openshift/egress-router-cni/tree/dfe03737f1562e81aa09101e4a48f039245bd339) * [OCPBUGS-11648](https://issues.redhat.com/browse/OCPBUGS-11648): update go-yaml to v2.4.0 [#68](https://github.com/openshift/egress-router-cni/pull/68) * Add rhel9 binary [#71](https://github.com/openshift/egress-router-cni/pull/71) * [Full changelog](https://github.com/openshift/egress-router-cni/compare/879b72bf6305ef394291ed1b4c5eeb3b11917633...dfe03737f1562e81aa09101e4a48f039245bd339) ### [etcd](https://github.com/openshift/etcd/tree/8e02ad96b267b98912366e4784a16973f98c719f) * [OCPBUGS-28734](https://issues.redhat.com/browse/OCPBUGS-28734): Rebase etcd 3.5.12 openshift 4.13 [#245](https://github.com/openshift/etcd/pull/245) * [ETCD-537](https://issues.redhat.com/browse/ETCD-537): bump build root go1.20 [#252](https://github.com/openshift/etcd/pull/252) * [OCPBUGS-26925](https://issues.redhat.com/browse/OCPBUGS-26925): Rebase etcd 3.5.11 openshift 4.13 [#239](https://github.com/openshift/etcd/pull/239) * [OCPBUGS-22697](https://issues.redhat.com/browse/OCPBUGS-22697): [4.13] Carrying fixes for CVE-2023-44487 [#225](https://github.com/openshift/etcd/pull/225) * [OCPBUGS-18497](https://issues.redhat.com/browse/OCPBUGS-18497): Updating ose-etcd images to be consistent with ART [#214](https://github.com/openshift/etcd/pull/214) * [OCPBUGS-18398](https://issues.redhat.com/browse/OCPBUGS-18398): UPSTREAM <carry>: update build images to rhel9 [#212](https://github.com/openshift/etcd/pull/212) * [OCPBUGS-15859](https://issues.redhat.com/browse/OCPBUGS-15859): [4.13] Rebase openshift/etcd to 3.5.9 [#204](https://github.com/openshift/etcd/pull/204) * [Full changelog](https://github.com/openshift/etcd/compare/f70da9d78221bc3e6bf8ac14c0c4ecc106f4f57d...8e02ad96b267b98912366e4784a16973f98c719f) ### [gcp-cloud-controller-manager](https://github.com/openshift/cloud-provider-gcp/tree/507fea9800dc63da95ce551d2fb03219d0b0597a) * [OCPBUGS-21303](https://issues.redhat.com/browse/OCPBUGS-21303): Bump golang.org/x/net to v0.18.0 [#43](https://github.com/openshift/cloud-provider-gcp/pull/43) * [OCPBUGS-12603](https://issues.redhat.com/browse/OCPBUGS-12603): Bump x/net package to v0.10.0 [#32](https://github.com/openshift/cloud-provider-gcp/pull/32) * [Full changelog](https://github.com/openshift/cloud-provider-gcp/compare/9b7ca987656ad184730a6b430dcd846f5bc75db5...507fea9800dc63da95ce551d2fb03219d0b0597a) ### [gcp-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-gcp/tree/b8a2772574aacf16a998ff7c7ba24000eff60d07) * [OCPBUGS-21398](https://issues.redhat.com/browse/OCPBUGS-21398): Bump golang.org/x/net to v0.17.0 [#204](https://github.com/openshift/cluster-api-provider-gcp/pull/204) * [OCPBUGS-12604](https://issues.redhat.com/browse/OCPBUGS-12604): Bump x/net package to v0.10.0 [#196](https://github.com/openshift/cluster-api-provider-gcp/pull/196) * [Full changelog](https://github.com/openshift/cluster-api-provider-gcp/compare/baf133cb8c200c1200363c97442382a9f9dab011...b8a2772574aacf16a998ff7c7ba24000eff60d07) ### [gcp-machine-controllers](https://github.com/openshift/machine-api-provider-gcp/tree/e53a397d838137a37895fe668cba4857a82e7da2) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality. [#74](https://github.com/openshift/machine-api-provider-gcp/pull/74) * [OCPBUGS-20851](https://issues.redhat.com/browse/OCPBUGS-20851): Bump x/net package to v0.18.0 [#68](https://github.com/openshift/machine-api-provider-gcp/pull/68) * [Full changelog](https://github.com/openshift/machine-api-provider-gcp/compare/38ddff06b72b364d1c994582d7ae3f119ef5d1a8...e53a397d838137a37895fe668cba4857a82e7da2) ### [gcp-pd-csi-driver](https://github.com/openshift/gcp-pd-csi-driver/tree/81e6074605854246cdab8425a7289ad83169571a) * [OCPBUGS-20735](https://issues.redhat.com/browse/OCPBUGS-20735): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#46](https://github.com/openshift/gcp-pd-csi-driver/pull/46) * [OCPBUGS-16331](https://issues.redhat.com/browse/OCPBUGS-16331): 4.13: UPSTREAM: 1169: Fix CVE-2022-41723 [#38](https://github.com/openshift/gcp-pd-csi-driver/pull/38) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver/compare/c5ae6f5d4a62ecc686259cc680514f1ae9f1f733...81e6074605854246cdab8425a7289ad83169571a) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/08c561b8292b4a5de3d5bc553a3e463b1f93ec0c) * [OCPBUGS-20827](https://issues.redhat.com/browse/OCPBUGS-20827): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#88](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/88) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#80](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/80) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/d151ef0f5268ccdedf5bb43b649d4cab13b21d68...08c561b8292b4a5de3d5bc553a3e463b1f93ec0c) ### [haproxy-router](https://github.com/openshift/router/tree/431a6e667025931c68b4f747a224af29edf356f6) * [OCPBUGS-21117](https://issues.redhat.com/browse/OCPBUGS-21117): Bump golang.org/x/net to v0.17.0 to address CVE-2023-39325 [#531](https://github.com/openshift/router/pull/531) * [OCPBUGS-17762](https://issues.redhat.com/browse/OCPBUGS-17762): haproxy/template: mitigate CVE-2023-40225 [#506](https://github.com/openshift/router/pull/506) * [OCPBUGS-17107](https://issues.redhat.com/browse/OCPBUGS-17107): properly handle weight=0 [#501](https://github.com/openshift/router/pull/501) * [OCPBUGS-13964](https://issues.redhat.com/browse/OCPBUGS-13964), [OCPBUGS-13967](https://issues.redhat.com/browse/OCPBUGS-13967): Handle mTLS CRLs, and fix accidental CRL duplication [#485](https://github.com/openshift/router/pull/485) * [Full changelog](https://github.com/openshift/router/compare/e28644631982fb4596e065d3ae85099f0886829d...431a6e667025931c68b4f747a224af29edf356f6) ### [hyperkube, pod](https://github.com/openshift/kubernetes/tree/03ee8988f028929587523bfa1914e4d36916217e) * [OCPBUGS-29663](https://issues.redhat.com/browse/OCPBUGS-29663): Update to kubernetes 1.26.14 [#1889](https://github.com/openshift/kubernetes/pull/1889) * [OCPBUGS-12210](https://issues.redhat.com/browse/OCPBUGS-12210): Prevent partially filled HPA behaviors from crashing kube-controller-manager [#1876](https://github.com/openshift/kubernetes/pull/1876) * [OCPBUGS-27370](https://issues.redhat.com/browse/OCPBUGS-27370): Update to kubernetes 1.26.13 [#1859](https://github.com/openshift/kubernetes/pull/1859) * [OCPBUGS-25814](https://issues.redhat.com/browse/OCPBUGS-25814): Fix device uncertain errors on reboot - 4.13 [#1831](https://github.com/openshift/kubernetes/pull/1831) * [OCPBUGS-25988](https://issues.redhat.com/browse/OCPBUGS-25988): Update to kubernetes 1.26.12 [#1839](https://github.com/openshift/kubernetes/pull/1839) * [OCPBUGS-25767](https://issues.redhat.com/browse/OCPBUGS-25767): legacy-cloud-providers: prevent index out-of-range in getNextUnitNumber [#1834](https://github.com/openshift/kubernetes/pull/1834) * [OCPBUGS-23521](https://issues.redhat.com/browse/OCPBUGS-23521): UPSTREAM: <carry>: support for both icsp and idms objects [#1798](https://github.com/openshift/kubernetes/pull/1798) * [OCPBUGS-23567](https://issues.redhat.com/browse/OCPBUGS-23567): Update to kubernetes 1.26.11 [#1809](https://github.com/openshift/kubernetes/pull/1809) * [OCPBUGS-18829](https://issues.redhat.com/browse/OCPBUGS-18829): cm: reorder setting of sched_load_balance for sandbox slice [#1696](https://github.com/openshift/kubernetes/pull/1696) * [OCPBUGS-23287](https://issues.redhat.com/browse/OCPBUGS-23287): UPSTREAM: 121881: Use golang library instead of mklink [#1802](https://github.com/openshift/kubernetes/pull/1802) * openshift-hack: Fix sporadic 141 errors in build-rpms [#1773](https://github.com/openshift/kubernetes/pull/1773) * [OCPBUGS-20114](https://issues.redhat.com/browse/OCPBUGS-20114): UPSTREAM: <carry>: Do not allow nodes to set forbidden openshift labels [#1746](https://github.com/openshift/kubernetes/pull/1746) * [OCPBUGS-21063](https://issues.redhat.com/browse/OCPBUGS-21063): [release-4.13] UPSTREAM: 121126: [1.26][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 [#1759](https://github.com/openshift/kubernetes/pull/1759) * [OCPBUGS-19885](https://issues.redhat.com/browse/OCPBUGS-19885): UPSTREAM: 120789: change rolling update logic to exclude sunsetting nodes [#1725](https://github.com/openshift/kubernetes/pull/1725) * [OCPBUGS-18287](https://issues.redhat.com/browse/OCPBUGS-18287), [OCPBUGS-19480](https://issues.redhat.com/browse/OCPBUGS-19480): Update to Kubernetes 1.26.9 [#1715](https://github.com/openshift/kubernetes/pull/1715) * [OCPBUGS-18677](https://issues.redhat.com/browse/OCPBUGS-18677): UPSTREAM: <carry>: Force using host go always and use host libriaries [#1689](https://github.com/openshift/kubernetes/pull/1689) * [OCPBUGS-17187](https://issues.redhat.com/browse/OCPBUGS-17187): Update to Kubernetes 1.26.7 [#1649](https://github.com/openshift/kubernetes/pull/1649) * [OCPBUGS-17145](https://issues.redhat.com/browse/OCPBUGS-17145): Increase service idle max timeout to 100 minutes [#1657](https://github.com/openshift/kubernetes/pull/1657) * [OCPBUGS-15866](https://issues.redhat.com/browse/OCPBUGS-15866): remove readiness check for cache exclusion [#1625](https://github.com/openshift/kubernetes/pull/1625) * [OCPBUGS-15866](https://issues.redhat.com/browse/OCPBUGS-15866): UPSTREAM: <drop>: hack/update-vendor.sh [#1637](https://github.com/openshift/kubernetes/pull/1637) * [OCPBUGS-15246](https://issues.redhat.com/browse/OCPBUGS-15246): Bump to k8s 1.26.6 [#1610](https://github.com/openshift/kubernetes/pull/1610) * [OCPBUGS-8738](https://issues.redhat.com/browse/OCPBUGS-8738): bump apiserver-lib-go [#1611](https://github.com/openshift/kubernetes/pull/1611) * [OCPBUGS-14589](https://issues.redhat.com/browse/OCPBUGS-14589): [release-4.13] UPSTREAM: 118383: bump cadvisor for upstream patch 3301 [#1596](https://github.com/openshift/kubernetes/pull/1596) * [OCPBUGS-13747](https://issues.redhat.com/browse/OCPBUGS-13747): 4.13: kubelet/cm: disable cpu load balancing on slices when using static cpu manager policy [#1580](https://github.com/openshift/kubernetes/pull/1580) * [OCPBUGS-14048](https://issues.redhat.com/browse/OCPBUGS-14048): Bump to k8s 1.26.5 [#1586](https://github.com/openshift/kubernetes/pull/1586) * [Full changelog](https://github.com/openshift/kubernetes/compare/b40493584076fb1ab29f3bed1d05d16cbc5b17f1...03ee8988f028929587523bfa1914e4d36916217e) ### [hypershift](https://github.com/openshift/hypershift/tree/1ef713f57c05135df9b141d29d9d0f8412eb7e58) * [HOSTEDCP-1146](https://issues.redhat.com/browse/HOSTEDCP-1146): cpo: use CPO spec container image if it is a sha256 reference [#3296](https://github.com/openshift/hypershift/pull/3296) * [OCPBUGS-22971](https://issues.redhat.com/browse/OCPBUGS-22971): Add konnectivity-proxy container to CNO [#3167](https://github.com/openshift/hypershift/pull/3167) * [OCPBUGS-23455](https://issues.redhat.com/browse/OCPBUGS-23455): Use the same etcd snapshot for all replicas during etcd restore [#3205](https://github.com/openshift/hypershift/pull/3205) * NO-JIRA: Red Hat Trusted App Pipeline purge hypershift-operator-release-413 [#3217](https://github.com/openshift/hypershift/pull/3217) * chore(deps): update rhtap references (release-4.13) [#3043](https://github.com/openshift/hypershift/pull/3043) * Update RHTAP references (release-4.13) [#2996](https://github.com/openshift/hypershift/pull/2996) * [OCPBUGS-17182](https://issues.redhat.com/browse/OCPBUGS-17182): add need-management-kas-access label to olm-collect-profiles pods [#2871](https://github.com/openshift/hypershift/pull/2871) * [OCPBUGS-16225](https://issues.redhat.com/browse/OCPBUGS-16225): Add missing probes to two services [#2821](https://github.com/openshift/hypershift/pull/2821) * fix(olm): Use 4.13 catalog source images [#2978](https://github.com/openshift/hypershift/pull/2978) * Updated secret permissions for openshift-route-controller-manager [#2923](https://github.com/openshift/hypershift/pull/2923) * [HOSTEDCP-1121](https://issues.redhat.com/browse/HOSTEDCP-1121): Ensure SG reconciliation for aws endpoint [#2885](https://github.com/openshift/hypershift/pull/2885) * chore(deps): update rhtap references (release-4.13) [#2921](https://github.com/openshift/hypershift/pull/2921) * Revert "HOSTEDCP-1110: [backport-4.13] Allow HCP Specification to Support ICSP & IDMS" [#2931](https://github.com/openshift/hypershift/pull/2931) * chore(deps): update rhtap references (release-4.13) [#2904](https://github.com/openshift/hypershift/pull/2904) * Update RHTAP references (release-4.13) [#2866](https://github.com/openshift/hypershift/pull/2866) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046): Add ImageDigestMirrorSet to Config API comment [#2870](https://github.com/openshift/hypershift/pull/2870) * [HOSTEDCP-1046](https://issues.redhat.com/browse/HOSTEDCP-1046): Add IDMS to the list of valid config manifests [#2863](https://github.com/openshift/hypershift/pull/2863) * Update RHTAP references (release-4.13) [#2833](https://github.com/openshift/hypershift/pull/2833) * [HOSTEDCP-1110](https://issues.redhat.com/browse/HOSTEDCP-1110): [backport-4.13] Allow HCP Specification to Support ICSP & IDMS [#2839](https://github.com/openshift/hypershift/pull/2839) * [OCPBUGS-15743](https://issues.redhat.com/browse/OCPBUGS-15743): Let getMachinesForNodePool return machines ordered by creation Timestamp [#2767](https://github.com/openshift/hypershift/pull/2767) * 4.13: Add management cluster KAS network policy [#2786](https://github.com/openshift/hypershift/pull/2786) * Leader election config update. [#2801](https://github.com/openshift/hypershift/pull/2801) * [OCPBUGS-16160](https://issues.redhat.com/browse/OCPBUGS-16160): fix deletion bug when hostedzone is already deleted [#2813](https://github.com/openshift/hypershift/pull/2813) * [HOSTEDCP-1061](https://issues.redhat.com/browse/HOSTEDCP-1061): [release-4.13] Implement dedicated request serving nodes for HostedClusters [#2809](https://github.com/openshift/hypershift/pull/2809) * Update RHTAP references (release-4.13) [#2816](https://github.com/openshift/hypershift/pull/2816) * [OCPBUGS-16057](https://issues.redhat.com/browse/OCPBUGS-16057): use ignition-proxy Service to populate ignitionEndpoint with strategy NodePort [#2798](https://github.com/openshift/hypershift/pull/2798) * OCPBUGS-14862 Improve clarity around hypershift operator permissions [#2810](https://github.com/openshift/hypershift/pull/2810) * [HOSTEDCP-1101](https://issues.redhat.com/browse/HOSTEDCP-1101): Add snyk-secret HO RHTAP scripts [#2799](https://github.com/openshift/hypershift/pull/2799) * [OCPBUGS-16125](https://issues.redhat.com/browse/OCPBUGS-16125): [release-4.13] Update vendored dependencies [#2797](https://github.com/openshift/hypershift/pull/2797) * [OCPBUGS-15774](https://issues.redhat.com/browse/OCPBUGS-15774): autoscaling balance similar groups [#2805](https://github.com/openshift/hypershift/pull/2805) * [OCPBUGS-15965](https://issues.redhat.com/browse/OCPBUGS-15965): Reject VPCE Connections during VPCE Service cleanup [#2789](https://github.com/openshift/hypershift/pull/2789) * Update RHTAP references (release-4.13) [#2751](https://github.com/openshift/hypershift/pull/2751) * [OCPBUGS-15171](https://issues.redhat.com/browse/OCPBUGS-15171): Skip AWS resource deletion for 'Unknown' OIDC state [#2701](https://github.com/openshift/hypershift/pull/2701) * [HOSTEDCP-1008](https://issues.redhat.com/browse/HOSTEDCP-1008): Add NodePoolTransitionSeconds metric [#2758](https://github.com/openshift/hypershift/pull/2758) * [OCPBUGS-15281](https://issues.redhat.com/browse/OCPBUGS-15281): Check OwningIngressController also in Labels [#2715](https://github.com/openshift/hypershift/pull/2715) * [HOSTEDCP-1060](https://issues.redhat.com/browse/HOSTEDCP-1060): refactor ignition-server reconcilation and add ignition-server proxy [#2748](https://github.com/openshift/hypershift/pull/2748) * [HOSTEDCP-1073](https://issues.redhat.com/browse/HOSTEDCP-1073): enforce blocked rollout of HCP [#2735](https://github.com/openshift/hypershift/pull/2735) * [HOSTEDCP-1003](https://issues.redhat.com/browse/HOSTEDCP-1003): Set AWS conditions only for AWS platform [#2670](https://github.com/openshift/hypershift/pull/2670) * OCPBUGS-15268 properly handle user CA bundle not existing [#2710](https://github.com/openshift/hypershift/pull/2710) * [OCPBUGS-15301](https://issues.redhat.com/browse/OCPBUGS-15301): [release-4.13] fix(oauth): Do not proxy IBM Cloud IAM endpoints [#2696](https://github.com/openshift/hypershift/pull/2696) * [OCPBUGS-14030](https://issues.redhat.com/browse/OCPBUGS-14030): Include default ingress CA in root CA bundle [#2599](https://github.com/openshift/hypershift/pull/2599) * [OCPBUGS-14490](https://issues.redhat.com/browse/OCPBUGS-14490): Enable HCCO to reconcile over the OperatorHub's disableAllDefaultSources object [#2645](https://github.com/openshift/hypershift/pull/2645) * [OCPBUGS-14801](https://issues.redhat.com/browse/OCPBUGS-14801): Set `DisableStrictZoneCheck = true` in the AWS Cloud Provider config [#2666](https://github.com/openshift/hypershift/pull/2666) * [HOSTEDCP-1048](https://issues.redhat.com/browse/HOSTEDCP-1048): Add impersonate feature to the CLI and document HC dump procedure [#2681](https://github.com/openshift/hypershift/pull/2681) * [OCPBUGS-14872](https://issues.redhat.com/browse/OCPBUGS-14872): Honor global ingress configuration LoadBalancer type on AWS [#2677](https://github.com/openshift/hypershift/pull/2677) * [OCPBUGS-14436](https://issues.redhat.com/browse/OCPBUGS-14436): Add ClusterUpgradeDuration metric [#2637](https://github.com/openshift/hypershift/pull/2637) * [HOSTEDCP-1009](https://issues.redhat.com/browse/HOSTEDCP-1009): Allow external-dns image to be set in install cli [#2652](https://github.com/openshift/hypershift/pull/2652) * Red Hat Trusted App Pipeline update hypershift-operator-release-413 [#2641](https://github.com/openshift/hypershift/pull/2641) * Red Hat Trusted App Pipeline purge hypershift [#2640](https://github.com/openshift/hypershift/pull/2640) * [OCPBUGS-13735](https://issues.redhat.com/browse/OCPBUGS-13735): Cluster-api SA can't create events and fix permissions wrongly included [#2610](https://github.com/openshift/hypershift/pull/2610) * [OCPBUGS-14242](https://issues.redhat.com/browse/OCPBUGS-14242): Remove external-dns --events flag [#2621](https://github.com/openshift/hypershift/pull/2621) * [OCPBUGS-14155](https://issues.redhat.com/browse/OCPBUGS-14155): Reconcile oauthDeployment annotations even if kubeadmin secret is not found [#2613](https://github.com/openshift/hypershift/pull/2613) * [OCPBUGS-13399](https://issues.redhat.com/browse/OCPBUGS-13399): Fix errors from HCP controller removeServiceCAAnnotationAndSecret() [#2552](https://github.com/openshift/hypershift/pull/2552) * [HOSTEDCP-1010](https://issues.redhat.com/browse/HOSTEDCP-1010): Set ETCD Storage Size as immutable field and equalised the default size among both api versions [#2611](https://github.com/openshift/hypershift/pull/2611) * [HOSTEDCP-947](https://issues.redhat.com/browse/HOSTEDCP-947): Increases default etcd PV size to 8Gi [#2569](https://github.com/openshift/hypershift/pull/2569) * [HOSTEDCP-926](https://issues.redhat.com/browse/HOSTEDCP-926): Send metric when HO/CPO decide to skip cloud resource deletion [#2594](https://github.com/openshift/hypershift/pull/2594) * [HOSTEDCP-975](https://issues.redhat.com/browse/HOSTEDCP-975): Backport nodepools metrics [#2601](https://github.com/openshift/hypershift/pull/2601) * Red Hat Trusted App Pipeline update hypershift [#2603](https://github.com/openshift/hypershift/pull/2603) * [Full changelog](https://github.com/openshift/hypershift/compare/3f61d88560660a04c860f2cb5fb355b8fb9142b8...1ef713f57c05135df9b141d29d9d0f8412eb7e58) ### [ibm-cloud-controller-manager](https://github.com/openshift/cloud-provider-ibm/tree/b5bcaf9caa96561a32ec5e7b79ca41e173ecfe25) * [OCPBUGS-24999](https://issues.redhat.com/browse/OCPBUGS-24999): Add Snyk file to exclude vendor directory on scan [#66](https://github.com/openshift/cloud-provider-ibm/pull/66) * [OCPBUGS-21137](https://issues.redhat.com/browse/OCPBUGS-21137): Bump golang.org/x/net to v0.18.0 [#56](https://github.com/openshift/cloud-provider-ibm/pull/56) * [OCPBUGS-12612](https://issues.redhat.com/browse/OCPBUGS-12612): Update x/net to v0.7.0 [#52](https://github.com/openshift/cloud-provider-ibm/pull/52) * [Full changelog](https://github.com/openshift/cloud-provider-ibm/compare/1640c42033631b3e8847c9867772666e898dfd01...b5bcaf9caa96561a32ec5e7b79ca41e173ecfe25) ### [ibm-vpc-block-csi-driver](https://github.com/openshift/ibm-vpc-block-csi-driver/tree/3e0eb20f7521c895c2d11ae683fd53adadaeffba) * [OCPBUGS-18143](https://issues.redhat.com/browse/OCPBUGS-18143): [IBM VPC] failed provisioning volume in proxy cluster [#47](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/47) * [OCPBUGS-21230](https://issues.redhat.com/browse/OCPBUGS-21230): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#51](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/51) * [OCPBUGS-16378](https://issues.redhat.com/browse/OCPBUGS-16378): 4.13: UPSTREAM: 157: K8S and grpc package upgrade [#40](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/40) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver/compare/66dcaf9a0591ec321828cec5ee24f0a4df0e5080...3e0eb20f7521c895c2d11ae683fd53adadaeffba) ### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/38c439da0b0ff924ad6b3d0af6461605a8b498ac) * [OCPBUGS-21319](https://issues.redhat.com/browse/OCPBUGS-21319): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#82](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/82) * [OCPBUGS-18143](https://issues.redhat.com/browse/OCPBUGS-18143): [IBM VPC] failed provisioning volume in proxy cluster [#76](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/76) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#73](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/73) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/e83df2f32ae88c84c15a12741a970607b20228ec...38c439da0b0ff924ad6b3d0af6461605a8b498ac) ### [ibm-vpc-node-label-updater](https://github.com/openshift/ibm-vpc-node-label-updater/tree/7721a9e75b92bdd12ff9a05acc9274c0d0580aba) * [OCPBUGS-21432](https://issues.redhat.com/browse/OCPBUGS-21432): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#28](https://github.com/openshift/ibm-vpc-node-label-updater/pull/28) * [OCPBUGS-14073](https://issues.redhat.com/browse/OCPBUGS-14073): UPSTREAM: 20: Bump (golang.org/x/net): to address CVE-2022-41723 [#24](https://github.com/openshift/ibm-vpc-node-label-updater/pull/24) * [Full changelog](https://github.com/openshift/ibm-vpc-node-label-updater/compare/283a614ee34e83afa065338dee25d4ee202c8aeb...7721a9e75b92bdd12ff9a05acc9274c0d0580aba) ### [ibmcloud-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-ibmcloud/tree/c4441f101083a8ffe01d4d6bb372a8b32a30a9a6) * [OCPBUGS-21418](https://issues.redhat.com/browse/OCPBUGS-21418): UPSTREAM: <carry>: bump golang.org/x/net to v0.18.0 [#66](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/66) * [Full changelog](https://github.com/openshift/cluster-api-provider-ibmcloud/compare/d221afa4bee0d722a97f49c0212dfb7954f49b93...c4441f101083a8ffe01d4d6bb372a8b32a30a9a6) ### [ibmcloud-machine-controllers](https://github.com/openshift/machine-api-provider-ibmcloud/tree/bb253a0c607f7d1f8139ffd401bd6c9c432090d1) * [OCPBUGS-12616](https://issues.redhat.com/browse/OCPBUGS-12616): Bump x/net to v0.7.0 [#23](https://github.com/openshift/machine-api-provider-ibmcloud/pull/23) * [Full changelog](https://github.com/openshift/machine-api-provider-ibmcloud/compare/c75f7e3e7a3b7525aa2d540f86fd7477e7800608...bb253a0c607f7d1f8139ffd401bd6c9c432090d1) ### [insights-operator](https://github.com/openshift/insights-operator/tree/c2c598d6e76fd71cee71d8ed1015f06090c4ce1a) * [OCPBUGS-28157](https://issues.redhat.com/browse/OCPBUGS-28157): Add extra check in ids to bypass validations (#905) [#905](https://github.com/openshift/insights-operator/pull/905) * gather etcd_server_slow metrics (#902) (#909) [#902](https://github.com/openshift/insights-operator/pull/902) * [OCPBUGS-23962](https://issues.redhat.com/browse/OCPBUGS-23962): adds helm information gather (#868) (#883) [#868](https://github.com/openshift/insights-operator/pull/868) * [OCPBUGS-22958](https://issues.redhat.com/browse/OCPBUGS-22958): adds cluster storageclasses gather (#858) (#875) [#858](https://github.com/openshift/insights-operator/pull/858) * [OCPBUGS-22953](https://issues.redhat.com/browse/OCPBUGS-22953): create Prometheus rules programmatically according the… (#860) [#860](https://github.com/openshift/insights-operator/pull/860) * [OCPBUGS-22914](https://issues.redhat.com/browse/OCPBUGS-22914): remove username & password config options (#859) [#859](https://github.com/openshift/insights-operator/pull/859) * [OCPBUGS-20750](https://issues.redhat.com/browse/OCPBUGS-20750): update dependencies (#840) [#840](https://github.com/openshift/insights-operator/pull/840) * Add cherry-pick from 4.14 (#848) [#848](https://github.com/openshift/insights-operator/pull/848) * [OCPBUGS-19476](https://issues.redhat.com/browse/OCPBUGS-19476): update Insights report config logging (#828) [#828](https://github.com/openshift/insights-operator/pull/828) * [OCPBUGS-17661](https://issues.redhat.com/browse/OCPBUGS-17661): workload info gatherer, add external image repo (#816) [#816](https://github.com/openshift/insights-operator/pull/816) * [OCPBUGS-14773](https://issues.redhat.com/browse/OCPBUGS-14773): extend configmap gatherer to get gateway-mode-config (#788) (#791) [#788](https://github.com/openshift/insights-operator/pull/788) * [release-4.13 ]OCPBUGS-15031: fix the config serialization & add test (#794) (#796) [#794](https://github.com/openshift/insights-operator/pull/794) * [OCPBUGS-14318](https://issues.redhat.com/browse/OCPBUGS-14318): gather PDBs only from openshift namespaces (#786) [#786](https://github.com/openshift/insights-operator/pull/786) * [Full changelog](https://github.com/openshift/insights-operator/compare/0babf2b1fa2d68eae51a578f40fcdfb722fe485a...c2c598d6e76fd71cee71d8ed1015f06090c4ce1a) ### [ironic](https://github.com/openshift/ironic-image/tree/8d8034fa0d8bfa4b76f21695a1fbe91fc5947077) * [OCPBUGS-29190](https://issues.redhat.com/browse/OCPBUGS-29190): Fix Inspector iPXE config for IPv6 addresses [#453](https://github.com/openshift/ironic-image/pull/453) * [OCPBUGS-23978](https://issues.redhat.com/browse/OCPBUGS-23978): Ironic side of external_http_url (METAL-163) is not wired in correctly [#430](https://github.com/openshift/ironic-image/pull/430) * [OCPBUGS-23506](https://issues.redhat.com/browse/OCPBUGS-23506): Uplift eventlet version [#427](https://github.com/openshift/ironic-image/pull/427) * [OCPBUGS-23356](https://issues.redhat.com/browse/OCPBUGS-23356): Upgrade werkzeug dependency [#422](https://github.com/openshift/ironic-image/pull/422) * [OCPBUGS-19078](https://issues.redhat.com/browse/OCPBUGS-19078): Handle Eject DVD 4.13 [#416](https://github.com/openshift/ironic-image/pull/416) * [OCPBUGS-23072](https://issues.redhat.com/browse/OCPBUGS-23072): Use bash process substitution instead of pipe [#413](https://github.com/openshift/ironic-image/pull/413) * [OCPBUGS-17837](https://issues.redhat.com/browse/OCPBUGS-17837): Fix PROVISIONING_MACS unbound [#393](https://github.com/openshift/ironic-image/pull/393) * [OCPBUGS-17158](https://issues.redhat.com/browse/OCPBUGS-17158): [4.13] Update packages with latest bugfix [#388](https://github.com/openshift/ironic-image/pull/388) * [OCPBUGS-17551](https://issues.redhat.com/browse/OCPBUGS-17551): Expand regex for fcos/okd packages list [#390](https://github.com/openshift/ironic-image/pull/390) * Bug OCPBUGS-15235: Incrementing Ironic versions to include backported SNMPv3 FIPS fix. [#383](https://github.com/openshift/ironic-image/pull/383) * [OCPBUGS-13587](https://issues.redhat.com/browse/OCPBUGS-13587): Add python-flask dependency [#372](https://github.com/openshift/ironic-image/pull/372) * [OCPBUGS-14135](https://issues.redhat.com/browse/OCPBUGS-14135): ironic.conf.j2: Bump min_command_interval to 30 on SCOS [#378](https://github.com/openshift/ironic-image/pull/378) * Bug OCPBUGS-13334: Bump ironic version to include fix to OCPBUGS-13334. [#366](https://github.com/openshift/ironic-image/pull/366) * [Full changelog](https://github.com/openshift/ironic-image/compare/798f79f2d37fe93502ac0e78f24830a9c4ffdcd9...8d8034fa0d8bfa4b76f21695a1fbe91fc5947077) ### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/833caa2c4b712381c3f847ba928dcb34d0f875a1) * [OCPBUGS-29725](https://issues.redhat.com/browse/OCPBUGS-29725): Always add ignition to set hostname on /etc/hostname [#111](https://github.com/openshift/ironic-agent-image/pull/111) * [OCPBUGS-19006](https://issues.redhat.com/browse/OCPBUGS-19006): backport hostname fixes [#89](https://github.com/openshift/ironic-agent-image/pull/89) * Switch to udevadm command install instead of package [OKD] [#83](https://github.com/openshift/ironic-agent-image/pull/83) * "Bug OCPBUGS-15777: Switch to udevadm command install instead of package" [#81](https://github.com/openshift/ironic-agent-image/pull/81) * [Full changelog](https://github.com/openshift/ironic-agent-image/compare/ee5bee32747e1053fc6add76fcdd98f5816b27ba...833caa2c4b712381c3f847ba928dcb34d0f875a1) ### [ironic-machine-os-downloader](https://github.com/openshift/ironic-rhcos-downloader/tree/ce2917794de5723248fe3302c8833f89fb54265a) * [OCPBUGS-15734](https://issues.redhat.com/browse/OCPBUGS-15734): Binary should be compiled on rhel9 [#91](https://github.com/openshift/ironic-rhcos-downloader/pull/91) * [Full changelog](https://github.com/openshift/ironic-rhcos-downloader/compare/2ba6060dc968488a495fbcd1250cfb186e4ada78...ce2917794de5723248fe3302c8833f89fb54265a) ### [ironic-static-ip-manager](https://github.com/openshift/ironic-static-ip-manager/tree/4536724a8644fda91a74b23901ba1789eaff7179) * [OCPBUGS-14315](https://issues.redhat.com/browse/OCPBUGS-14315): Flush addresses on provisioning interface with global scope only [#36](https://github.com/openshift/ironic-static-ip-manager/pull/36) * [Full changelog](https://github.com/openshift/ironic-static-ip-manager/compare/f524f2c9451ff0808beb54bece660640f58e8a3d...4536724a8644fda91a74b23901ba1789eaff7179) ### [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter/tree/0fce7c7c97d56ba0a0ae4c6a2ba32e559b8a03d7) * [OCPBUGS-21457](https://issues.redhat.com/browse/OCPBUGS-21457): upgrade golang.org/x/net to 0.17.0 to address CVE [#90](https://github.com/openshift/k8s-prometheus-adapter/pull/90) * [OCPBUGS-20405](https://issues.redhat.com/browse/OCPBUGS-20405): limit number of simultaneous client requests [#78](https://github.com/openshift/k8s-prometheus-adapter/pull/78) * [Full changelog](https://github.com/openshift/k8s-prometheus-adapter/compare/b2e401059a11d23923adba51eeb82cbd5d75b7fc...0fce7c7c97d56ba0a0ae4c6a2ba32e559b8a03d7) ### [keepalived-ipfailover](https://github.com/openshift/images/tree/1a14e5c9896976b43767ab325a6fe35527a514a5) * [OCPBUGS-6236](https://issues.redhat.com/browse/OCPBUGS-6236): Updating openshift-enterprise-egress-router images to be consistent with ART [#121](https://github.com/openshift/images/pull/121) * [Full changelog](https://github.com/openshift/images/compare/04659348dbad0cd9b56596d5977d2934fa01d509...1a14e5c9896976b43767ab325a6fe35527a514a5) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/569ea1116cb348a31ea757b0a76d21de6bc8bcba) * [OCPBUGS-20771](https://issues.redhat.com/browse/OCPBUGS-20771): update x/net to v0.17.0 [#590](https://github.com/openshift/sdn/pull/590) * [OCPBUGS-22932](https://issues.redhat.com/browse/OCPBUGS-22932): Change the permission of 80-openshift-network.conf to 600 [#582](https://github.com/openshift/sdn/pull/582) * [OCPBUGS-14504](https://issues.redhat.com/browse/OCPBUGS-14504): Use the ovsver build arg to infer the openvswitch short version number [#572](https://github.com/openshift/sdn/pull/572) * [OCPBUGS-15977](https://issues.redhat.com/browse/OCPBUGS-15977): Dockerfile: keep a RHEL-8 CNI shim binary in the default /opt/cni/bin dir [#558](https://github.com/openshift/sdn/pull/558) * [OCPBUGS-15977](https://issues.redhat.com/browse/OCPBUGS-15977): Dockerfile changes to build both rhel8 and rhel9 binaries [#557](https://github.com/openshift/sdn/pull/557) * [OCPBUGS-14278](https://issues.redhat.com/browse/OCPBUGS-14278): fix possible concurrent map read/write [#550](https://github.com/openshift/sdn/pull/550) * [Full changelog](https://github.com/openshift/sdn/compare/d56dc6a393cf250704d2c4914c09533525caafba...569ea1116cb348a31ea757b0a76d21de6bc8bcba) ### [kube-rbac-proxy](https://github.com/openshift/kube-rbac-proxy/tree/ae32bfa0f11ae2854339ab9af83c44ee1c04fe31) * [OCPBUGS-20702](https://issues.redhat.com/browse/OCPBUGS-20702): v0.15.0 downstream release 4.13 [#84](https://github.com/openshift/kube-rbac-proxy/pull/84) * [OCPBUGS-12513](https://issues.redhat.com/browse/OCPBUGS-12513): go.mod: update golang.org/x/net to v0.7.0 [#68](https://github.com/openshift/kube-rbac-proxy/pull/68) * [Full changelog](https://github.com/openshift/kube-rbac-proxy/compare/11b1439d48a47a408ae7e2dd851989f7b7b4f595...ae32bfa0f11ae2854339ab9af83c44ee1c04fe31) ### [kube-state-metrics](https://github.com/openshift/kube-state-metrics/tree/fd791df54d7271c1611090505509a03454168689) * [OCPBUGS-20778](https://issues.redhat.com/browse/OCPBUGS-20778): bump x/net to v0.17.0 [#102](https://github.com/openshift/kube-state-metrics/pull/102) * [Full changelog](https://github.com/openshift/kube-state-metrics/compare/4b9698489404f06195ba8a4646d58d67e13501d4...fd791df54d7271c1611090505509a03454168689) ### [kuryr-cni, kuryr-controller](https://github.com/openshift/kuryr-kubernetes/tree/36754b7b90928e26811e1c5ea13e7d0bd85709de) * Bug OCPBUGS-16340: Fix np retry [#738](https://github.com/openshift/kuryr-kubernetes/pull/738) * [OCPBUGS-15457](https://issues.redhat.com/browse/OCPBUGS-15457): Remove unneeded grpcio dependencies from RPM [#735](https://github.com/openshift/kuryr-kubernetes/pull/735) * [Full changelog](https://github.com/openshift/kuryr-kubernetes/compare/3055dbe26667d6cf2d1f452a7dd97ca2113b606d...36754b7b90928e26811e1c5ea13e7d0bd85709de) ### [libvirt-machine-controllers](https://github.com/openshift/cluster-api-provider-libvirt/tree/d4b7a8ab790a970ce2f0374146248b2307df0185) * "OCPBUGS-19927: libvirt: Don't force use of virtio console" [#268](https://github.com/openshift/cluster-api-provider-libvirt/pull/268) * [Full changelog](https://github.com/openshift/cluster-api-provider-libvirt/compare/e55e92c14b2cd4925f8489f5f074015a64ed5713...d4b7a8ab790a970ce2f0374146248b2307df0185) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/c2a173259a7f9621de82b6a40c80129667a49093) * [OCPBUGS-25165](https://issues.redhat.com/browse/OCPBUGS-25165): Add Snyk file to exclude vendor directory on scan [#1194](https://github.com/openshift/machine-api-operator/pull/1194) * [OCPBUGS-24277](https://issues.redhat.com/browse/OCPBUGS-24277): Update reference URL [#1188](https://github.com/openshift/machine-api-operator/pull/1188) * [OCPBUGS-24277](https://issues.redhat.com/browse/OCPBUGS-24277): Use docs URL instead of KCS article [#1181](https://github.com/openshift/machine-api-operator/pull/1181) * [OCPBUGS-21513](https://issues.redhat.com/browse/OCPBUGS-21513): Bump golang.org/x/net to v0.18.0 [#1175](https://github.com/openshift/machine-api-operator/pull/1175) * [OCPBUGS-12626](https://issues.redhat.com/browse/OCPBUGS-12626): Update golang.org/x/net dependency [#1148](https://github.com/openshift/machine-api-operator/pull/1148) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/a23baf767a80a2a7e467be1c8ef9b32d40c66825...c2a173259a7f9621de82b6a40c80129667a49093) ### [machine-config-operator](https://github.com/openshift/machine-config-operator/tree/88140227ee7d79c77092efd92b5a4363971333e2) * [OCPBUGS-29721](https://issues.redhat.com/browse/OCPBUGS-29721): Add existing kubeletconfig/ctrcfg mc-name-suffix annotation [#4206](https://github.com/openshift/machine-config-operator/pull/4206) * [OCPBUGS-30285](https://issues.redhat.com/browse/OCPBUGS-30285): set nodeStatusReportFrequency [#4243](https://github.com/openshift/machine-config-operator/pull/4243) * [OCPBUGS-28740](https://issues.redhat.com/browse/OCPBUGS-28740): crio: drop automatic image cleanup on upgrades [#4154](https://github.com/openshift/machine-config-operator/pull/4154) * [OCPBUGS-29151](https://issues.redhat.com/browse/OCPBUGS-29151): fix nodeStatusUpdateFrequency [#4170](https://github.com/openshift/machine-config-operator/pull/4170) * [OCPBUGS-24661](https://issues.redhat.com/browse/OCPBUGS-24661): daemon: Add support for new nmstate logic [#4036](https://github.com/openshift/machine-config-operator/pull/4036) * [OCPBUGS-27816](https://issues.redhat.com/browse/OCPBUGS-27816): use *resource.Quantity to not automatically set 0 [#4141](https://github.com/openshift/machine-config-operator/pull/4141) * [OCPBUGS-22272](https://issues.redhat.com/browse/OCPBUGS-22272), [OCPBUGS-27172](https://issues.redhat.com/browse/OCPBUGS-27172): kubelet: fix kubelet labels [#4120](https://github.com/openshift/machine-config-operator/pull/4120) * [OCPBUGS-27096](https://issues.redhat.com/browse/OCPBUGS-27096): Azure Run ovs-configuration.service before dnsmasq.service [#4115](https://github.com/openshift/machine-config-operator/pull/4115) * [OCPBUGS-19658](https://issues.redhat.com/browse/OCPBUGS-19658): After dual-stack conversion reconcile IPFamilies [#3935](https://github.com/openshift/machine-config-operator/pull/3935) * [OCPBUGS-23468](https://issues.redhat.com/browse/OCPBUGS-23468): support icsp and idms objects [#4027](https://github.com/openshift/machine-config-operator/pull/4027) * [OCPBUGS-23536](https://issues.redhat.com/browse/OCPBUGS-23536): Introduce kubelet-dependencies.target and firstboot-osupdate.target [#4043](https://github.com/openshift/machine-config-operator/pull/4043) * [OCPBUGS-21052](https://issues.redhat.com/browse/OCPBUGS-21052): Update library-go and kube deps to latest version [#4011](https://github.com/openshift/machine-config-operator/pull/4011) * [OCPBUGS-22205](https://issues.redhat.com/browse/OCPBUGS-22205): Consider ingress VIPs when selecting node IP [#3991](https://github.com/openshift/machine-config-operator/pull/3991) * [OCPBUGS-18031](https://issues.redhat.com/browse/OCPBUGS-18031): on-prem: run resolv-prepender on NM reapply event [#3880](https://github.com/openshift/machine-config-operator/pull/3880) * [OCPBUGS-22412](https://issues.redhat.com/browse/OCPBUGS-22412): bootstrap_test: always set APIVersion and Kind for DNS [#4002](https://github.com/openshift/machine-config-operator/pull/4002) * [OCPBUGS-21721](https://issues.redhat.com/browse/OCPBUGS-21721): install/0000_90_machine-config-operator_90_deletion: Drop this file [#3983](https://github.com/openshift/machine-config-operator/pull/3983) * [OCPBUGS-20333](https://issues.redhat.com/browse/OCPBUGS-20333): resolv-prepender: avoid pulling baremetalRuntimeCfgImage again if it … [#3962](https://github.com/openshift/machine-config-operator/pull/3962) * [OCPBUGS-18803](https://issues.redhat.com/browse/OCPBUGS-18803): Soften grep pattern for ingress default router [#3908](https://github.com/openshift/machine-config-operator/pull/3908) * [OCPBUGS-19958](https://issues.redhat.com/browse/OCPBUGS-19958): [release-4.13] Backport logspam PRs [#3950](https://github.com/openshift/machine-config-operator/pull/3950) * [OCPBUGS-19675](https://issues.redhat.com/browse/OCPBUGS-19675): daemon: always use `podman cp` to copy extensions container content [#3938](https://github.com/openshift/machine-config-operator/pull/3938) * [OCPBUGS-19400](https://issues.redhat.com/browse/OCPBUGS-19400): install: Recreate and delayed default ServiceAccount deletion [#3923](https://github.com/openshift/machine-config-operator/pull/3923) * [OCPBUGS-19509](https://issues.redhat.com/browse/OCPBUGS-19509): Ignore invoking nbctl calls if its SDN [#3929](https://github.com/openshift/machine-config-operator/pull/3929) * [OCPBUGS-19414](https://issues.redhat.com/browse/OCPBUGS-19414): The kubeconfig copied on to each node has 644 permissions [#3924](https://github.com/openshift/machine-config-operator/pull/3924) * [OCPBUGS-18159](https://issues.redhat.com/browse/OCPBUGS-18159): Ensure azure-routes hack for internalLB hairpin traffic works for SGW [#3904](https://github.com/openshift/machine-config-operator/pull/3904) * [OCPBUGS-16218](https://issues.redhat.com/browse/OCPBUGS-16218): Prevent NM from unsetting the hostname [#3805](https://github.com/openshift/machine-config-operator/pull/3805) * [OCPBUGS-17997](https://issues.redhat.com/browse/OCPBUGS-17997): SSHkeys fails to write on upgrade to 4.13.rc3 [#3879](https://github.com/openshift/machine-config-operator/pull/3879) * [OCPBUGS-18076](https://issues.redhat.com/browse/OCPBUGS-18076): daemon: create /etc/systemd/network directory on node [#3888](https://github.com/openshift/machine-config-operator/pull/3888) * [OCPBUGS-17769](https://issues.redhat.com/browse/OCPBUGS-17769): Agent-based install process the container machine-config-controller will be oom [#3868](https://github.com/openshift/machine-config-operator/pull/3868) * [OKD-174](https://issues.redhat.com/browse/OKD-174): Dockerfile: OKD: Reenable extensions image on SCOS [#3845](https://github.com/openshift/machine-config-operator/pull/3845) * [OCPBUGS-17430](https://issues.redhat.com/browse/OCPBUGS-17430): The machine-config-controller pod restart in SNO+1 causing daemonsets to restart [#3841](https://github.com/openshift/machine-config-operator/pull/3841) * [OCPBUGS-17163](https://issues.redhat.com/browse/OCPBUGS-17163): daemon: Always replace binary [#3833](https://github.com/openshift/machine-config-operator/pull/3833) * [OCPBUGS-16888](https://issues.redhat.com/browse/OCPBUGS-16888): daemon: Make binary writing idempotent [#3826](https://github.com/openshift/machine-config-operator/pull/3826) * [OCPBUGS-16888](https://issues.redhat.com/browse/OCPBUGS-16888): daemon: no need to reexec when target and source rhel version is same [#3824](https://github.com/openshift/machine-config-operator/pull/3824) * [OCPBUGS-16622](https://issues.redhat.com/browse/OCPBUGS-16622): daemon: Copy matching binary to host, re-exec with it [#3812](https://github.com/openshift/machine-config-operator/pull/3812) * [OCPNODE-1717](https://issues.redhat.com/browse/OCPNODE-1717): Update config node spec while explicitly updating the cgroups mode [#3793](https://github.com/openshift/machine-config-operator/pull/3793) * 4.13: Revert rhel9 binaries builds [#3802](https://github.com/openshift/machine-config-operator/pull/3802) * [OCPBUGS-14459](https://issues.redhat.com/browse/OCPBUGS-14459): daemon: Remove noisy log message [#3723](https://github.com/openshift/machine-config-operator/pull/3723) * [OCPBUGS-15580](https://issues.redhat.com/browse/OCPBUGS-15580): 4.13: Dockerfile: update rhel7 nmstate pin [#3764](https://github.com/openshift/machine-config-operator/pull/3764) * [OCPBUGS-15463](https://issues.redhat.com/browse/OCPBUGS-15463): Minor fix to support protectKernelDefaults field in Kubelet Config [#3757](https://github.com/openshift/machine-config-operator/pull/3757) * 4.13: Dockerfile: use proper rhel9 image [#3771](https://github.com/openshift/machine-config-operator/pull/3771) * 4.13: use rhel9 builder for daemon binary [#3760](https://github.com/openshift/machine-config-operator/pull/3760) * [OCPBUGS-13311](https://issues.redhat.com/browse/OCPBUGS-13311): daemon: write certs in firstboot-complete path [#3702](https://github.com/openshift/machine-config-operator/pull/3702) * [OCPBUGS-13404](https://issues.redhat.com/browse/OCPBUGS-13404), [OCPBUGS-14298](https://issues.redhat.com/browse/OCPBUGS-14298): Dockerfile: pin to nmstate-2.2.9-6.rhaos4.13.el8 [#3716](https://github.com/openshift/machine-config-operator/pull/3716) * [OCPBUGS-14850](https://issues.redhat.com/browse/OCPBUGS-14850): Allow userfaultfd syscall to be used by unprivileged users [#3743](https://github.com/openshift/machine-config-operator/pull/3743) * [OCPBUGS-13974](https://issues.redhat.com/browse/OCPBUGS-13974): MCO-496: Support ignition versions 3.3 + 3.4 but keep version 3.2 as default [#3714](https://github.com/openshift/machine-config-operator/pull/3714) * [Full changelog](https://github.com/openshift/machine-config-operator/compare/1ae3805822dfee3263bfd553d49fd36c648fbd12...88140227ee7d79c77092efd92b5a4363971333e2) ### [machine-image-customization-controller](https://github.com/openshift/image-customization-controller/tree/34a4abe6ec47fff69476695eccffdb27fe23780c) * [OCPBUGS-27089](https://issues.redhat.com/browse/OCPBUGS-27089): configurable ironic agent vlan creation [#117](https://github.com/openshift/image-customization-controller/pull/117) * [OCPBUGS-21549](https://issues.redhat.com/browse/OCPBUGS-21549): Uplift x/net to v0.17.0 [#105](https://github.com/openshift/image-customization-controller/pull/105) * [OCPBUGS-19006](https://issues.redhat.com/browse/OCPBUGS-19006): Pass BareMetalHost name to IPA (take 2) [#98](https://github.com/openshift/image-customization-controller/pull/98) * [OCPBUGS-14250](https://issues.redhat.com/browse/OCPBUGS-14250): Watch networkData Secrets for changes [#95](https://github.com/openshift/image-customization-controller/pull/95) * [Full changelog](https://github.com/openshift/image-customization-controller/compare/87651668b314426960ea4974429f3b0ed16c3f31...34a4abe6ec47fff69476695eccffdb27fe23780c) ### [multus-admission-controller](https://github.com/openshift/multus-admission-controller/tree/9b0656af8316420bf05a7d3a0969feded615ed64) * [OCPBUGS-21353](https://issues.redhat.com/browse/OCPBUGS-21353): Update go.mod for CVE-2023-39325 [Release-4.13] [#72](https://github.com/openshift/multus-admission-controller/pull/72) * [OCPBUGS-13709](https://issues.redhat.com/browse/OCPBUGS-13709): Bump golang.org/x/net from 0.0.0-20211209124913-491a49abca63 to 0.7.0 [#68](https://github.com/openshift/multus-admission-controller/pull/68) * [Full changelog](https://github.com/openshift/multus-admission-controller/compare/d6d52a7a7df2243056c5db83cc10885ac2ca775b...9b0656af8316420bf05a7d3a0969feded615ed64) ### [multus-cni](https://github.com/openshift/multus-cni/tree/906067fdbf94800efb89895b38ae037947a12b46) * [OCPBUGS-21076](https://issues.redhat.com/browse/OCPBUGS-21076): Update go.mod for CVE-2023-39325 [Release-4.13] [#195](https://github.com/openshift/multus-cni/pull/195) * Add rhel9 binary for multus [#169](https://github.com/openshift/multus-cni/pull/169) * [OCPBUGS-8398](https://issues.redhat.com/browse/OCPBUGS-8398): Multus entrypoint should regenerate kubeconfig if secret changes [backport 4.13] [#154](https://github.com/openshift/multus-cni/pull/154) * [OCPBUGS-13759](https://issues.redhat.com/browse/OCPBUGS-13759): Bump golang.org/x/net from 0.1.0 to 0.7.0 (#1039) [#161](https://github.com/openshift/multus-cni/pull/161) * [Full changelog](https://github.com/openshift/multus-cni/compare/5d283fa3cf7f7e599c919ed7a37604f09df33062...906067fdbf94800efb89895b38ae037947a12b46) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/7176ab75edaf6328bb1da06ba55378815271d218) * [OCPBUGS-12641](https://issues.redhat.com/browse/OCPBUGS-12641): CVE-2022-41723: Update vendors to fix dependabot alerts [#28](https://github.com/openshift/multus-networkpolicy/pull/28) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/98a0bad1071074f0c04c35ff209f0333c5d7274b...7176ab75edaf6328bb1da06ba55378815271d218) ### [multus-route-override-cni](https://github.com/openshift/route-override-cni/tree/ca3bbec5c75ebcd6814bdd74856b27db755c9fa3) * Add rhel9 binary [#37](https://github.com/openshift/route-override-cni/pull/37) * [Full changelog](https://github.com/openshift/route-override-cni/compare/6644ac7ba8481b2c7b035390d20d28ba4b55c5ab...ca3bbec5c75ebcd6814bdd74856b27db755c9fa3) ### [multus-whereabouts-ipam-cni](https://github.com/openshift/whereabouts-cni/tree/3f39bc89d13222d2209665323b6c47fc58fcdc22) * [OCPBUGS-27958](https://issues.redhat.com/browse/OCPBUGS-27958): Enable reconciler configuration [#241](https://github.com/openshift/whereabouts-cni/pull/241) * [OCPBUGS-27367](https://issues.redhat.com/browse/OCPBUGS-27367): [release-4.13] Backport fix assignment [#236](https://github.com/openshift/whereabouts-cni/pull/236) * [OCPBUGS-21512](https://issues.redhat.com/browse/OCPBUGS-21512): update golang.org/x/net to v0.17.0 [#208](https://github.com/openshift/whereabouts-cni/pull/208) * [OCPBUGS-4417](https://issues.redhat.com/browse/OCPBUGS-4417): Denormalize IP name before checking if pod is alive [Backport 4.13] [#168](https://github.com/openshift/whereabouts-cni/pull/168) * [OCPBUGS-15956](https://issues.redhat.com/browse/OCPBUGS-15956): Updating ose-multus-whereabouts-ipam-cni images to be consistent with ART [#138](https://github.com/openshift/whereabouts-cni/pull/138) * [Bug 16002](https://bugzilla.redhat.com/show_bug.cgi?id=16002): Change default binary to RHEL8 image [#144](https://github.com/openshift/whereabouts-cni/pull/144) * Restores RHEL specific binary build in dockerfile and updates to rhel9/8 [#139](https://github.com/openshift/whereabouts-cni/pull/139) * [Full changelog](https://github.com/openshift/whereabouts-cni/compare/9f36752562fc784c9b5bf3fb4d592aae19ea31ad...3f39bc89d13222d2209665323b6c47fc58fcdc22) ### [must-gather](https://github.com/openshift/must-gather/tree/288ef2fcfe63cbfab0af69a41b508c044ee890aa) * [OCPBUGS-19928](https://issues.redhat.com/browse/OCPBUGS-19928): [release-4.13] Add csi-proxy logs collection in must-gather for Windows nodes [#383](https://github.com/openshift/must-gather/pull/383) * [Full changelog](https://github.com/openshift/must-gather/compare/5eca0cb65ea6dd13f907d1f7493ed237f07e3906...288ef2fcfe63cbfab0af69a41b508c044ee890aa) ### [network-interface-bond-cni](https://github.com/openshift/bond-cni/tree/84bda2afb2ab260253b77d5d282df773cc6b3438) * Add rhel9 binary [#56](https://github.com/openshift/bond-cni/pull/56) * [Full changelog](https://github.com/openshift/bond-cni/compare/937b1e6a35d6b533a417b0c313cc0e498fffdd3b...84bda2afb2ab260253b77d5d282df773cc6b3438) ### [network-metrics-daemon](https://github.com/openshift/network-metrics-daemon/tree/3ef81a5c468171f22d626c544fd7f02adc156ceb) * Added METRIC_TEST_IMAGE var (#90) [#90](https://github.com/openshift/network-metrics-daemon/pull/90) * Update the k8s dependencies to 1.26.10 (#83) [#83](https://github.com/openshift/network-metrics-daemon/pull/83) * [Full changelog](https://github.com/openshift/network-metrics-daemon/compare/e72c8ad1581132817c09e23295f55425a14a5c58...3ef81a5c468171f22d626c544fd7f02adc156ceb) ### [network-tools](https://github.com/openshift/network-tools/tree/073feda14fbd894c4238d693afa38a06392f2360) * Dockerfile: move to RHEL9 base image [#83](https://github.com/openshift/network-tools/pull/83) * [Full changelog](https://github.com/openshift/network-tools/compare/b4098c67659217e36ac7077229b25bbe2c3e5f38...073feda14fbd894c4238d693afa38a06392f2360) ### [nutanix-machine-controllers](https://github.com/openshift/machine-api-provider-nutanix/tree/105c515996ed0856eca89e75b166e70331d95856) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#59](https://github.com/openshift/machine-api-provider-nutanix/pull/59) * [OCPBUGS-25459](https://issues.redhat.com/browse/OCPBUGS-25459): Fix CI by running tests natively by default [#60](https://github.com/openshift/machine-api-provider-nutanix/pull/60) * [Full changelog](https://github.com/openshift/machine-api-provider-nutanix/compare/be43191e5b20c7d6a5755a39a22d31e7734b241a...105c515996ed0856eca89e75b166e70331d95856) ### [oauth-apiserver](https://github.com/openshift/oauth-apiserver/tree/89d9537c1d247f08990eb085a80fd5f27f84efee) * [OCPBUGS-28674](https://issues.redhat.com/browse/OCPBUGS-28674): Fix HTTP/2 deps for release-4.13 [#102](https://github.com/openshift/oauth-apiserver/pull/102) * [Full changelog](https://github.com/openshift/oauth-apiserver/compare/41c2dfea104b3c686a00b068654843b48b4db53f...89d9537c1d247f08990eb085a80fd5f27f84efee) ### [oauth-proxy](https://github.com/openshift/oauth-proxy/tree/44af5a3a021fd158c2e44d9951ad59a3d474cdf3) * [OCPBUGS-16805](https://issues.redhat.com/browse/OCPBUGS-16805): Updating golang-github-openshift-oauth-proxy images to be consistent with ART [#261](https://github.com/openshift/oauth-proxy/pull/261) * [Full changelog](https://github.com/openshift/oauth-proxy/compare/03e5b13b8b7087dd70abfd70efb4c5b92f800a4f...44af5a3a021fd158c2e44d9951ad59a3d474cdf3) ### [oauth-server](https://github.com/openshift/oauth-server/tree/eb54be281d8f215a6eaa6e10ed1b303c7d064bac) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): update osin to latest version [#139](https://github.com/openshift/oauth-server/pull/139) * [Full changelog](https://github.com/openshift/oauth-server/compare/b841149f2ec0c1ffcb0393e6f70b1e4547f3b18e...eb54be281d8f215a6eaa6e10ed1b303c7d064bac) ### [oc-mirror](https://github.com/openshift/oc-mirror/tree/02f5c90659ba54c0adcb2d175e89864e323263de) * [OCPBUGS-385](https://issues.redhat.com/browse/OCPBUGS-385): Capability to override default channel (#749) (#791) [#749](https://github.com/openshift/oc-mirror/pull/749) * [OCPBUGS-19429](https://issues.redhat.com/browse/OCPBUGS-19429): Fix cross EUS channel upgrade path calculation (#775) [#775](https://github.com/openshift/oc-mirror/pull/775) * [OCPBUGS-21460](https://issues.redhat.com/browse/OCPBUGS-21460): Fix CVE-2023-44487 and CVE-2023-39325 (#714) [#714](https://github.com/openshift/oc-mirror/pull/714) * Fix OCPBUGS-17546: pod catalogsource generated by oc-mirror will crashloopBackOff randomly (#700) [#700](https://github.com/openshift/oc-mirror/pull/700) * Fix OCPBUGS-14402 (#675) [#675](https://github.com/openshift/oc-mirror/pull/675) * [OCPBUGS-18556](https://issues.redhat.com/browse/OCPBUGS-18556): operator catalogs from oc-mirror fail to deploy because of invalid caches (#691) [#691](https://github.com/openshift/oc-mirror/pull/691) * [OCPBUGS-18106](https://issues.redhat.com/browse/OCPBUGS-18106): manual cherrypick (#684) [#684](https://github.com/openshift/oc-mirror/pull/684) * [OCPBUGS-17998](https://issues.redhat.com/browse/OCPBUGS-17998): fix: ICSP with incorrect mirror path (#685) [#685](https://github.com/openshift/oc-mirror/pull/685) * [OCPBUGS-17453](https://issues.redhat.com/browse/OCPBUGS-17453): Fix " OCI index found, but accept header does not support OCI indexes (#677) [#677](https://github.com/openshift/oc-mirror/pull/677) * [OCPBUGS-16372](https://issues.redhat.com/browse/OCPBUGS-16372): A variety of changes needed for correct operation with multi… (#661) [#661](https://github.com/openshift/oc-mirror/pull/661) * [OCPBUGS-13871](https://issues.redhat.com/browse/OCPBUGS-13871): fix: changes on help info content (#654) [#654](https://github.com/openshift/oc-mirror/pull/654) * Fix OCPBUGS-11840: ParseImageReference supports cases where both tag and digest are present in a ref (#637) [#637](https://github.com/openshift/oc-mirror/pull/637) * Removes Ross and adds Jeremy in the OWNER file (#645) [#645](https://github.com/openshift/oc-mirror/pull/645) * [Full changelog](https://github.com/openshift/oc-mirror/compare/aee430b90e7e3920d9798669cafaf70294314d44...02f5c90659ba54c0adcb2d175e89864e323263de) ### [olm-rukpak](https://github.com/openshift/operator-framework-rukpak/tree/af471187e8e0623d2591feb64192a2ccacf5e270) * : OCPBUGS-27594,OCPBUGS-27679: Update go-git to v5.11.0 [#75](https://github.com/openshift/operator-framework-rukpak/pull/75) * [OCPBUGS-23403](https://issues.redhat.com/browse/OCPBUGS-23403): [release-4.13] Address http2 vulnerability [#58](https://github.com/openshift/operator-framework-rukpak/pull/58) * [OCPBUGS-21363](https://issues.redhat.com/browse/OCPBUGS-21363): [release-4.13] Bump golang.org/x/net to v0.17.0 [#40](https://github.com/openshift/operator-framework-rukpak/pull/40) * UPSTREAM: <carry>: add downstream owners [#42](https://github.com/openshift/operator-framework-rukpak/pull/42) * [Full changelog](https://github.com/openshift/operator-framework-rukpak/compare/66b3e551fc2730beb4c46d478166b38766c5f346...af471187e8e0623d2591feb64192a2ccacf5e270) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/6c0733082d6ff258dc8787ef2e84c1ceb51a0655) * : OCPBUGS-21449: Enable HTTP/2 CVE mitigation [#398](https://github.com/openshift/openshift-apiserver/pull/398) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/0b82768216c0c0ffb171457fce71b3806c586e7c...6c0733082d6ff258dc8787ef2e84c1ceb51a0655) ### [openshift-controller-manager](https://github.com/openshift/openshift-controller-manager/tree/385057e57752b7b4f21ef32d7a7993d266a591eb) * [OCPBUGS-11091](https://issues.redhat.com/browse/OCPBUGS-11091): mount build.Spec.Source.ConfigMaps for custom builder images [#257](https://github.com/openshift/openshift-controller-manager/pull/257) * [Full changelog](https://github.com/openshift/openshift-controller-manager/compare/87de83867ac51730f506138ee790a56ca21d9fc9...385057e57752b7b4f21ef32d7a7993d266a591eb) ### [openshift-state-metrics](https://github.com/openshift/openshift-state-metrics/tree/9be421f0c013c7f134c1d7cfe1c0ee2f2ae8eaf6) * [OCPBUGS-20723](https://issues.redhat.com/browse/OCPBUGS-20723): bump `x/net` to v0.17.0 [#108](https://github.com/openshift/openshift-state-metrics/pull/108) * [Full changelog](https://github.com/openshift/openshift-state-metrics/compare/7beb8807e2c0092b5e580a29903ff060140d8ff0...9be421f0c013c7f134c1d7cfe1c0ee2f2ae8eaf6) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/b50a649be8b691a6081487330da17e55d242a2e5) * [OCPBUGS-21565](https://issues.redhat.com/browse/OCPBUGS-21565): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#136](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/136) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#125](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/125) * [OCPBUGS-17071](https://issues.redhat.com/browse/OCPBUGS-17071): Fix SCC admission failure race during initial deployment [#124](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/124) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/14fcca54f20d18045e382cc0699f97e4a1e760ac...b50a649be8b691a6081487330da17e55d242a2e5) ### [openstack-machine-api-provider](https://github.com/openshift/machine-api-provider-openstack/tree/7bce9d67fba63a0ed6a39b78488da8e85bf07dbd) * Bug OCPBUGS-19460: Set controller's SyncPeriod to 1 hour [#85](https://github.com/openshift/machine-api-provider-openstack/pull/85) * [Full changelog](https://github.com/openshift/machine-api-provider-openstack/compare/36f48b76303aea04f997cda658ca5e25841a079c...7bce9d67fba63a0ed6a39b78488da8e85bf07dbd) ### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/4cc5232d665151b2ee1c75df3061dfa11645fbbc) * [OCPBUGS-27564](https://issues.redhat.com/browse/OCPBUGS-27564), [OCPBUGS-27569](https://issues.redhat.com/browse/OCPBUGS-27569), [OCPBUGS-27649](https://issues.redhat.com/browse/OCPBUGS-27649), [OCPBUGS-27654](https://issues.redhat.com/browse/OCPBUGS-27654): bump go-git/v5 to 5.11.0 [#682](https://github.com/openshift/operator-framework-olm/pull/682) * [OCPBUGS-28228](https://issues.redhat.com/browse/OCPBUGS-28228): Registry Pod Controller Flag [#672](https://github.com/openshift/operator-framework-olm/pull/672) * [OCPBUGS-27891](https://issues.redhat.com/browse/OCPBUGS-27891): [CARRY] SSC RBAC [#669](https://github.com/openshift/operator-framework-olm/pull/669) * [OCPBUGS-8653](https://issues.redhat.com/browse/OCPBUGS-8653): bump golang-migrate to v4.16.1 (#1107) [#649](https://github.com/openshift/operator-framework-olm/pull/649) * [OCPBUGS-20815](https://issues.redhat.com/browse/OCPBUGS-20815): [release-4.13] fix apiserver vulnerability [#616](https://github.com/openshift/operator-framework-olm/pull/616) * [OCPBUGS-22133](https://issues.redhat.com/browse/OCPBUGS-22133): [release-4.13] Bump golang.org/x/net to v0.17.0 [#589](https://github.com/openshift/operator-framework-olm/pull/589) * [OCPBUGS-18305](https://issues.redhat.com/browse/OCPBUGS-18305), [RHIBMCS-151](https://issues.redhat.com/browse/RHIBMCS-151): Copied csv listing backport [#548](https://github.com/openshift/operator-framework-olm/pull/548) * [OCPBUGS-17791](https://issues.redhat.com/browse/OCPBUGS-17791): opm: always serve pprof endpoints, improve server allocations (#1129) [#540](https://github.com/openshift/operator-framework-olm/pull/540) * Introduce DOWNSTREAM_OWNERS file [#538](https://github.com/openshift/operator-framework-olm/pull/538) * Allow cpb to be statically compiled / exempt from FIPS compliance [#519](https://github.com/openshift/operator-framework-olm/pull/519) * [OCPBUGS-15589](https://issues.redhat.com/browse/OCPBUGS-15589): fix dynamic conversion webhook [#499](https://github.com/openshift/operator-framework-olm/pull/499) * [Full changelog](https://github.com/openshift/operator-framework-olm/compare/ce46f5b97e4838c4508f6dc471cabc1199a8f0b9...4cc5232d665151b2ee1c75df3061dfa11645fbbc) ### [operator-marketplace](https://github.com/operator-framework/operator-marketplace/tree/867e7ed80fdbc6f5bb88f1589da740d9bd1d5721) * [OCPBUGS-20977](https://issues.redhat.com/browse/OCPBUGS-20977): [release-4.13] bump golang.org/x/net to 0.17.0 [#549](https://github.com/operator-framework/operator-marketplace/pull/549) * [OCPBUGS-19085](https://issues.redhat.com/browse/OCPBUGS-19085): Updating marketplace-operator images to be consistent with ART [#538](https://github.com/operator-framework/operator-marketplace/pull/538) * [OCPBUGS-18502](https://issues.redhat.com/browse/OCPBUGS-18502): remove a race condition [#532](https://github.com/operator-framework/operator-marketplace/pull/532) * [Full changelog](https://github.com/operator-framework/operator-marketplace/compare/d569c22c518fc931ff48f66fb38064ddd976729f...867e7ed80fdbc6f5bb88f1589da740d9bd1d5721) ### [ovirt-csi-driver](https://github.com/openshift/ovirt-csi-driver/tree/54958deb4998e08696af0abe3585486a6b5b6800) * [OCPBUGS-23155](https://issues.redhat.com/browse/OCPBUGS-23155): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#130](https://github.com/openshift/ovirt-csi-driver/pull/130) * [Full changelog](https://github.com/openshift/ovirt-csi-driver/compare/f21b470f4927f97eca93a0a390cffccd7d724043...54958deb4998e08696af0abe3585486a6b5b6800) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/b293972fe2c5eef4262130de621e75e5d0c37d8e) * [OCPBUGS-23241](https://issues.redhat.com/browse/OCPBUGS-23241): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#127](https://github.com/openshift/ovirt-csi-driver-operator/pull/127) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#120](https://github.com/openshift/ovirt-csi-driver-operator/pull/120) * [OCPBUGS-14653](https://issues.redhat.com/browse/OCPBUGS-14653): set upgrade condition of operator to false [#118](https://github.com/openshift/ovirt-csi-driver-operator/pull/118) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/3e49f77c34922a7e2ce675825cb5ff3bca3a6dbd...b293972fe2c5eef4262130de621e75e5d0c37d8e) ### [ovn-kubernetes-microshift-rhel-9, ovn-kubernetes-rhel-9](https://github.com/openshift/ovn-kubernetes/tree/9f1ac2c23d6bb19518dc440ad1dae74b65e98abe) * [OCPBUGS-29851](https://issues.redhat.com/browse/OCPBUGS-29851): Egress IP, Services: use all node IP addresses [#2090](https://github.com/openshift/ovn-kubernetes/pull/2090) * [OCPBUGS-28630](https://issues.redhat.com/browse/OCPBUGS-28630): Synchronize node primary address update [#2036](https://github.com/openshift/ovn-kubernetes/pull/2036) * [OCPBUGS-25611](https://issues.redhat.com/browse/OCPBUGS-25611): Avoid panic due to stale ACLs with 1013 priority [#1987](https://github.com/openshift/ovn-kubernetes/pull/1987) * [OCPBUGS-27257](https://issues.redhat.com/browse/OCPBUGS-27257): Ensure session affinity cleanup on backend removal [#2022](https://github.com/openshift/ovn-kubernetes/pull/2022) * [OCPBUGS-27736](https://issues.redhat.com/browse/OCPBUGS-27736): CARRY: Updates owners and adds Surya [#2024](https://github.com/openshift/ovn-kubernetes/pull/2024) * [OCPBUGS-24419](https://issues.redhat.com/browse/OCPBUGS-24419): OVNK/GW: Ignore headless services in syncServices [#1971](https://github.com/openshift/ovn-kubernetes/pull/1971) * [OCPBUGS-23258](https://issues.redhat.com/browse/OCPBUGS-23258): Update leaderelection config to allow retries [#1992](https://github.com/openshift/ovn-kubernetes/pull/1992) * [OCPBUGS-26242](https://issues.redhat.com/browse/OCPBUGS-26242): Fix Egress IP Deletion Handler to Prevent OVN Policy Leaks [#2011](https://github.com/openshift/ovn-kubernetes/pull/2011) * [OCPBUGS-25923](https://issues.redhat.com/browse/OCPBUGS-25923): Forward ICMP packets to OVN loadbalancer [#2004](https://github.com/openshift/ovn-kubernetes/pull/2004) * [OCPBUGS-25224](https://issues.redhat.com/browse/OCPBUGS-25224): [release-4.13] fixes MTU configuration on gateway router [#1988](https://github.com/openshift/ovn-kubernetes/pull/1988) * [OCPBUGS-14799](https://issues.redhat.com/browse/OCPBUGS-14799): Updating endpoints when using allocateLBNP=0, lgw mode fails [#1940](https://github.com/openshift/ovn-kubernetes/pull/1940) * [OCPBUGS-25095](https://issues.redhat.com/browse/OCPBUGS-25095): Fragment oversized reply packets in LGW mode [#1983](https://github.com/openshift/ovn-kubernetes/pull/1983) * [OCPBUGS-24391](https://issues.redhat.com/browse/OCPBUGS-24391): Limit OVN-Kubernetes RBAC permissions [#1950](https://github.com/openshift/ovn-kubernetes/pull/1950) * [OCPBUGS-23014](https://issues.redhat.com/browse/OCPBUGS-23014): Netpol retryFramework cleanup [#1957](https://github.com/openshift/ovn-kubernetes/pull/1957) * [OCPBUGS-24263](https://issues.redhat.com/browse/OCPBUGS-24263): Bump OVN to 23.06.1-39.el9fdp [#1966](https://github.com/openshift/ovn-kubernetes/pull/1966) * [OCPBUGS-14314](https://issues.redhat.com/browse/OCPBUGS-14314): Fix compilation error in e2e.go tests due to missing int32 parameter [#1682](https://github.com/openshift/ovn-kubernetes/pull/1682) * [OCPBUGS-20047](https://issues.redhat.com/browse/OCPBUGS-20047): Adjust python ssl library dependency check [#1924](https://github.com/openshift/ovn-kubernetes/pull/1924) * [OCPBUGS-18976](https://issues.redhat.com/browse/OCPBUGS-18976): Update bridge flow cache when the host address changes [#1873](https://github.com/openshift/ovn-kubernetes/pull/1873) * [OCPBUGS-18791](https://issues.redhat.com/browse/OCPBUGS-18791), [OCPBUGS-18792](https://issues.redhat.com/browse/OCPBUGS-18792), [OCPBUGS-19088](https://issues.redhat.com/browse/OCPBUGS-19088), [OCPBUGS-7406](https://issues.redhat.com/browse/OCPBUGS-7406): Dockerfile: bump OVN to ovn23.06-23.06.1-8.el9fdp [#1880](https://github.com/openshift/ovn-kubernetes/pull/1880) * [OCPBUGS-18672](https://issues.redhat.com/browse/OCPBUGS-18672): Check libovsdbclient.ErrNotFound on wrapped errors [#1861](https://github.com/openshift/ovn-kubernetes/pull/1861) * [OCPBUGS-19449](https://issues.redhat.com/browse/OCPBUGS-19449): Do not return error if pod IP cannot be retrieved for `podSelectorPodNeedsDelete` and perf improvements [#1893](https://github.com/openshift/ovn-kubernetes/pull/1893) * [OCPBUGS-18585](https://issues.redhat.com/browse/OCPBUGS-18585): Fix OVN SNATing on GR by enabling gateway_mtu on rtoe port of GR [#1855](https://github.com/openshift/ovn-kubernetes/pull/1855) * [OCPBUGS-17123](https://issues.redhat.com/browse/OCPBUGS-17123): Remove stale egressip status entry [#1793](https://github.com/openshift/ovn-kubernetes/pull/1793) * [OCPBUGS-18057](https://issues.redhat.com/browse/OCPBUGS-18057): [release-4.13] Create egress firewall with one db transaction [#1834](https://github.com/openshift/ovn-kubernetes/pull/1834) * [OCPBUGS-17910](https://issues.redhat.com/browse/OCPBUGS-17910): Emit node events only when retry failure [#1825](https://github.com/openshift/ovn-kubernetes/pull/1825) * [OCPBUGS-17503](https://issues.redhat.com/browse/OCPBUGS-17503): [release-4.13] libovsdb: give monitor setup time to process than normal transactions [#1807](https://github.com/openshift/ovn-kubernetes/pull/1807) * [OCPBUGS-13175](https://issues.redhat.com/browse/OCPBUGS-13175): Check the status of a pod before trying to get its ip [#1724](https://github.com/openshift/ovn-kubernetes/pull/1724) * [OCPBUGS-15496](https://issues.redhat.com/browse/OCPBUGS-15496): Fix default GW IPs retrieval [#1738](https://github.com/openshift/ovn-kubernetes/pull/1738) * [OCPBUGS-17001](https://issues.redhat.com/browse/OCPBUGS-17001): Inactivity probe for ovndb connection [#1796](https://github.com/openshift/ovn-kubernetes/pull/1796) * [OCPBUGS-17120](https://issues.redhat.com/browse/OCPBUGS-17120): Bump OVN to 23.06-23.06.0-51 [#1790](https://github.com/openshift/ovn-kubernetes/pull/1790) * [OCPBUGS-16121](https://issues.redhat.com/browse/OCPBUGS-16121): [release-4.13]: Delete address sets after acls that reference them [#1762](https://github.com/openshift/ovn-kubernetes/pull/1762) * [OCPBUGS-15368](https://issues.redhat.com/browse/OCPBUGS-15368): [release-4.13]: initial pods are not wired for hybrid overlay [#1721](https://github.com/openshift/ovn-kubernetes/pull/1721) * [OCPBUGS-15651](https://issues.redhat.com/browse/OCPBUGS-15651): Improve syncNodes to remove stale data [#1731](https://github.com/openshift/ovn-kubernetes/pull/1731) * [OCPBUGS-15586](https://issues.redhat.com/browse/OCPBUGS-15586): [release-4.13]: Allow hostNetwork ingress for network policies with empty namespace selector [#1745](https://github.com/openshift/ovn-kubernetes/pull/1745) * Dockerfile: build both RHEL8 and RHEL9 shims [#1748](https://github.com/openshift/ovn-kubernetes/pull/1748) * [OCPBUGS-15585](https://issues.redhat.com/browse/OCPBUGS-15585): [release-4.13] Fix egressFirewall create error handling [#1733](https://github.com/openshift/ovn-kubernetes/pull/1733) * [OCPBUGS-14492](https://issues.redhat.com/browse/OCPBUGS-14492): Backport OVN component templates for NodePort services. [#1709](https://github.com/openshift/ovn-kubernetes/pull/1709) * [OCPBUGS-15608](https://issues.redhat.com/browse/OCPBUGS-15608): Nuke old .rhel9 Dockerfiles [#1711](https://github.com/openshift/ovn-kubernetes/pull/1711) * [OCPBUGS-13745](https://issues.redhat.com/browse/OCPBUGS-13745): [release-4.13] ovnkube-master pod failed to reconnect to ovn db due to ssl expire [#1675](https://github.com/openshift/ovn-kubernetes/pull/1675) * [OCPBUGS-15372](https://issues.redhat.com/browse/OCPBUGS-15372): [release-4.13] Fix network policy to work with long namespace names [#1722](https://github.com/openshift/ovn-kubernetes/pull/1722) * [OCPBUGS-14979](https://issues.redhat.com/browse/OCPBUGS-14979): Validate port before deleting conntrack flow [#1712](https://github.com/openshift/ovn-kubernetes/pull/1712) * [OCPBUGS-15140](https://issues.redhat.com/browse/OCPBUGS-15140): Fix stale SNAT entries for completed pods [#1715](https://github.com/openshift/ovn-kubernetes/pull/1715) * [OCPBUGS-14482](https://issues.redhat.com/browse/OCPBUGS-14482): Dockerfiles: sync RHEL9 dockerfiles to regular unused ones [#1695](https://github.com/openshift/ovn-kubernetes/pull/1695) * [OCPBUGS-12864](https://issues.redhat.com/browse/OCPBUGS-12864): Drop packets were not properly SNATed [#1662](https://github.com/openshift/ovn-kubernetes/pull/1662) * [Full changelog](https://github.com/openshift/ovn-kubernetes/compare/db0dbadc1a409f40345e921e991bd3e22c55490a...9f1ac2c23d6bb19518dc440ad1dae74b65e98abe) ### [powervs-block-csi-driver](https://github.com/openshift/ibm-powervs-block-csi-driver/tree/530f646b86f1ba898f534900eb463ae957a1b89e) * [OCPBUGS-24728](https://issues.redhat.com/browse/OCPBUGS-24728): synk: ignore vendor dir [#61](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/61) * [OCPBUGS-21089](https://issues.redhat.com/browse/OCPBUGS-21089): CVE-2023-39325 - Update net dependencies - 4.13 [#52](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/52) * Update OWNERS add yussufsh [#54](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/54) * Updated golang.org/x/net/html dependency. [#44](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/44) * Openshiftrelease 4.13 [#41](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/41) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver/compare/e0e89f1b778799e45b3d5095a9275e2802de376a...530f646b86f1ba898f534900eb463ae957a1b89e) ### [powervs-block-csi-driver-operator](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/tree/e70c980e2561788b710d710efc3e09974ad7374c) * [OCPBUGS-25716](https://issues.redhat.com/browse/OCPBUGS-25716): snyk: ignore vendor dir [#61](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/61) * [OCPBUGS-21186](https://issues.redhat.com/browse/OCPBUGS-21186): CVE-2023-39325 - Update net dependencies - 4.13 [#41](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/41) * Update OWNERS add yussufsh [#45](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/45) * [OCPBUGS-16250](https://issues.redhat.com/browse/OCPBUGS-16250): Add management workloads annotations [#34](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/34) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/compare/b40850568a7c9de0f5493147d7126a12af889b45...e70c980e2561788b710d710efc3e09974ad7374c) ### [powervs-cloud-controller-manager](https://github.com/openshift/cloud-provider-powervs/tree/de68def0c918a05ad4bf32cc0470a7931d661c27) * [OCPBUGS-24731](https://issues.redhat.com/browse/OCPBUGS-24731): UPSTREAM: <carry>: snyk code scan exclude vendor directory [#53](https://github.com/openshift/cloud-provider-powervs/pull/53) * [OCPBUGS-21280](https://issues.redhat.com/browse/OCPBUGS-21280): CVE-2023-39325 - Update net dependencies - 4.13 [#46](https://github.com/openshift/cloud-provider-powervs/pull/46) * [Full changelog](https://github.com/openshift/cloud-provider-powervs/compare/130365622eb0c59e102049529695c8326d616213...de68def0c918a05ad4bf32cc0470a7931d661c27) ### [powervs-machine-controllers](https://github.com/openshift/machine-api-provider-powervs/tree/8df68995ce00d69460baac9901f81015d9f1b55f) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#69](https://github.com/openshift/machine-api-provider-powervs/pull/69) * [OCPBUGS-24741](https://issues.redhat.com/browse/OCPBUGS-24741): snyk code scan exclude vendor directory [#64](https://github.com/openshift/machine-api-provider-powervs/pull/64) * [OCPBUGS-21880](https://issues.redhat.com/browse/OCPBUGS-21880): CVE-2023-39325 - Bump golang.org/x/net to v0.17.0 - 4.13 [#55](https://github.com/openshift/machine-api-provider-powervs/pull/55) * [Full changelog](https://github.com/openshift/machine-api-provider-powervs/compare/bf49c5c1b07137baa766b4d78b9e9c2650ef59ad...8df68995ce00d69460baac9901f81015d9f1b55f) ### [prometheus](https://github.com/openshift/prometheus/tree/72886096272245e064297c480b24ac4895230c89) * [OCPBUGS-26423](https://issues.redhat.com/browse/OCPBUGS-26423): Add Exemplars support for all time series [#191](https://github.com/openshift/prometheus/pull/191) * [OCPBUGS-21240](https://issues.redhat.com/browse/OCPBUGS-21240): update golang.org/x/net to v0.17.0 [4.13] [#174](https://github.com/openshift/prometheus/pull/174) * [Full changelog](https://github.com/openshift/prometheus/compare/8279148fd0d8b2aa2a1613a2e9810aea80f487df...72886096272245e064297c480b24ac4895230c89) ### [prometheus-alertmanager](https://github.com/openshift/prometheus-alertmanager/tree/df2f11e2ddc206ad1924ed766b4a394d84c9236f) * [OCPBUGS-21043](https://issues.redhat.com/browse/OCPBUGS-21043): Bump golang.org/x/net to v0.17.0 [#81](https://github.com/openshift/prometheus-alertmanager/pull/81) * [Full changelog](https://github.com/openshift/prometheus-alertmanager/compare/f44d574d8e170d6788cfbf2bdbc866d3e1fc1054...df2f11e2ddc206ad1924ed766b4a394d84c9236f) ### [prometheus-config-reloader, prometheus-operator, prometheus-operator-admission-webhook](https://github.com/openshift/prometheus-operator/tree/30fdccd139b2c63a9207bd30509aec8ddec7ff5d) * [OCPBUGS-20861](https://issues.redhat.com/browse/OCPBUGS-20861): Bump golang.org/x/net to v0.17.0 [#248](https://github.com/openshift/prometheus-operator/pull/248) * [OCPBUGS-12672](https://issues.redhat.com/browse/OCPBUGS-12672): update golang.org/x/net [#237](https://github.com/openshift/prometheus-operator/pull/237) * [Full changelog](https://github.com/openshift/prometheus-operator/compare/9cd6788ed2cb30982c8b9d6ec8f8c7e72b30d7df...30fdccd139b2c63a9207bd30509aec8ddec7ff5d) ### [prometheus-node-exporter](https://github.com/openshift/node_exporter/tree/59d699cac664bfbfe83ef6a1615e34e062fd283d) * [OCPBUGS-21143](https://issues.redhat.com/browse/OCPBUGS-21143): upgrade golang.org/x/net to v0.17.0 [#135](https://github.com/openshift/node_exporter/pull/135) * [OCPBUGS-14274](https://issues.redhat.com/browse/OCPBUGS-14274): Upgrade golang.org/x/net to v0.10.0 to fix the CVE [#127](https://github.com/openshift/node_exporter/pull/127) * [Full changelog](https://github.com/openshift/node_exporter/compare/10dc380d4ce996d2557b10991b3f7623a4551e21...59d699cac664bfbfe83ef6a1615e34e062fd283d) ### [route-controller-manager](https://github.com/openshift/route-controller-manager/tree/6667a6cbf9a87331fcc4407375118c0bb884c925) * [OCPBUGS-14276](https://issues.redhat.com/browse/OCPBUGS-14276): Bump k8s to 1.26.5 [#26](https://github.com/openshift/route-controller-manager/pull/26) * [Full changelog](https://github.com/openshift/route-controller-manager/compare/d7a8e22db412b6fabb7028ca0da8de8f3d9ac3c3...6667a6cbf9a87331fcc4407375118c0bb884c925) ### [service-ca-operator](https://github.com/openshift/service-ca-operator/tree/dba00dc5b1874904542bed87f49974bf64be168a) * [OCPBUGS-28759](https://issues.redhat.com/browse/OCPBUGS-28759): Fix HTTP/2 (4.13) [#232](https://github.com/openshift/service-ca-operator/pull/232) * [OCPBUGS-16806](https://issues.redhat.com/browse/OCPBUGS-16806): Updating ose-service-ca-operator images to be consistent with ART [#214](https://github.com/openshift/service-ca-operator/pull/214) * [Full changelog](https://github.com/openshift/service-ca-operator/compare/1b89fdce3fcccecdc5fdb705fe674cd4bfc58a2a...dba00dc5b1874904542bed87f49974bf64be168a) ### [telemeter](https://github.com/openshift/telemeter/tree/8c9a8a75108afb1ba7fe6398b004cbc8229cc645) * [OCPBUGS-21327](https://issues.redhat.com/browse/OCPBUGS-21327): [release-4.13]: Bump golang.org/x/net to v0.17.0 [#485](https://github.com/openshift/telemeter/pull/485) * [OCPBUGS-14418](https://issues.redhat.com/browse/OCPBUGS-14418): Update golang.org/x/net to lastest version [#463](https://github.com/openshift/telemeter/pull/463) * [Full changelog](https://github.com/openshift/telemeter/compare/ee1ba4699b82ecb2033f886af12b9e2e451d2296...8c9a8a75108afb1ba7fe6398b004cbc8229cc645) ### [tests](https://github.com/openshift/origin/tree/99b9d537a935e6446ba1fcd55e9a5b5ba090820a) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add oauth-server redirect URI validation e2e tests [#28396](https://github.com/openshift/origin/pull/28396) * [OCPBUGS-19378](https://issues.redhat.com/browse/OCPBUGS-19378): [4.13] backport etcd restore tests [#28267](https://github.com/openshift/origin/pull/28267) * Bug OCPBUGS-17469: Correct condition for rejecting connection [#28151](https://github.com/openshift/origin/pull/28151) * [OCPBUGS-20361](https://issues.redhat.com/browse/OCPBUGS-20361): Update image stream test to create a manifest list image by default [#28318](https://github.com/openshift/origin/pull/28318) * [OCPBUGS-16241](https://issues.redhat.com/browse/OCPBUGS-16241): Update permission to incl. watch for helmchartrepositories for console users [#28054](https://github.com/openshift/origin/pull/28054) * [OCPBUGS-16164](https://issues.redhat.com/browse/OCPBUGS-16164): allow cluster-config-operator to manage featuregate upgrade block [#28050](https://github.com/openshift/origin/pull/28050) * [OCPBUGS-15892](https://issues.redhat.com/browse/OCPBUGS-15892): remove references to registry.centos.org [#28031](https://github.com/openshift/origin/pull/28031) * [OCPBUGS-15746](https://issues.redhat.com/browse/OCPBUGS-15746): Skip CCM upgradable condition on AlibabaCloud [#28025](https://github.com/openshift/origin/pull/28025) * [OCPBUGS-7762](https://issues.redhat.com/browse/OCPBUGS-7762): Bump with latest openshift/kubernetes at 4.13 [#27973](https://github.com/openshift/origin/pull/27973) * [OCPBUGS-5029](https://issues.redhat.com/browse/OCPBUGS-5029): [release-4.13] OpenStack: Restore in-tree cinder provisioner tests [#27827](https://github.com/openshift/origin/pull/27827) * [OCPBUGS-14342](https://issues.redhat.com/browse/OCPBUGS-14342): Increase timeout in sysctl allowlist test [#27956](https://github.com/openshift/origin/pull/27956) * [OCPBUGS-13840](https://issues.redhat.com/browse/OCPBUGS-13840): Add missing error check in sysctl allowlist test [#27929](https://github.com/openshift/origin/pull/27929) * [OCPBUGS-14127](https://issues.redhat.com/browse/OCPBUGS-14127): Move from registry.centos.org to quay.io [#27948](https://github.com/openshift/origin/pull/27948) * [OCPBUGS-12700](https://issues.redhat.com/browse/OCPBUGS-12700): update-etcd-scaling-test [#27892](https://github.com/openshift/origin/pull/27892) * [Full changelog](https://github.com/openshift/origin/compare/893ae5755c21bfabe8042f6e885dda7d80671b5c...99b9d537a935e6446ba1fcd55e9a5b5ba090820a) ### [thanos](https://github.com/openshift/thanos/tree/70fb57fb209e5aa491417fc421a97d417a5530bc) * [OCPBUGS-27206](https://issues.redhat.com/browse/OCPBUGS-27206): Bump otel/http to 0.44.0 [openshift-4.13.z] [#138](https://github.com/openshift/thanos/pull/138) * [OCPBUGS-21157](https://issues.redhat.com/browse/OCPBUGS-21157): Bump golang.org/x/net to v0.17.0 [#125](https://github.com/openshift/thanos/pull/125) * [Full changelog](https://github.com/openshift/thanos/compare/43238be385374e76ca6148a6780ddff9ebca3d11...70fb57fb209e5aa491417fc421a97d417a5530bc) ### [vsphere-cloud-controller-manager](https://github.com/openshift/cloud-provider-vsphere/tree/f56d57ba990f7f4ce1a6b1f9842331e9259c94f1) * [OCPBUGS-21506](https://issues.redhat.com/browse/OCPBUGS-21506): Bump golang.org/x/net to v0.18.0 [#55](https://github.com/openshift/cloud-provider-vsphere/pull/55) * [OCPBUGS-17103](https://issues.redhat.com/browse/OCPBUGS-17103): update x/net dependency to 0.7.0 [#46](https://github.com/openshift/cloud-provider-vsphere/pull/46) * [Full changelog](https://github.com/openshift/cloud-provider-vsphere/compare/e9a65389e8c45d79dea428c0610b7fdd0b6f5be6...f56d57ba990f7f4ce1a6b1f9842331e9259c94f1) ### [vsphere-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-vsphere/tree/da63f2b930cdd6090904ee607319b40615b245f6) * [OCPBUGS-21556](https://issues.redhat.com/browse/OCPBUGS-21556): bump golang.org/x/net to v0.17.0 [#23](https://github.com/openshift/cluster-api-provider-vsphere/pull/23) * [Full changelog](https://github.com/openshift/cluster-api-provider-vsphere/compare/24e08ddf65fd387ea7c71e229b13e47d6cd3643f...da63f2b930cdd6090904ee607319b40615b245f6) ### [vsphere-csi-driver, vsphere-csi-driver-syncer](https://github.com/openshift/vmware-vsphere-csi-driver/tree/4d3036a6c7fe0c850bbadd942267426afe2ec16a) * [OCPBUGS-21561](https://issues.redhat.com/browse/OCPBUGS-21561): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#91](https://github.com/openshift/vmware-vsphere-csi-driver/pull/91) * [OCPBUGS-16398](https://issues.redhat.com/browse/OCPBUGS-16398): Rebase v3.0.2 [#83](https://github.com/openshift/vmware-vsphere-csi-driver/pull/83) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver/compare/5e0efc3911345f62ef6fa6ae7334d01fbf4de4bd...4d3036a6c7fe0c850bbadd942267426afe2ec16a) ### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/a9e5036e12facff0193d563b752847191fc9dc91) * [OCPBUGS-21434](https://issues.redhat.com/browse/OCPBUGS-21434): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#174](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/174) * [OCPBUGS-18132](https://issues.redhat.com/browse/OCPBUGS-18132): Block 4.14 upgrades with admin ack [#169](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/169) * [OCPBUGS-18332](https://issues.redhat.com/browse/OCPBUGS-18332): disable controller hostNetwork [#166](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/166) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/ab111cf6a6f39b81ace6990dc56eb9ca14560614...a9e5036e12facff0193d563b752847191fc9dc91) ### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/3ad7408fb53a9377d9f5b2cf5ae38570a9ec5c59) * [OCPBUGS-21577](https://issues.redhat.com/browse/OCPBUGS-21577): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#130](https://github.com/openshift/vsphere-problem-detector/pull/130) * [OCPBUGS-14571](https://issues.redhat.com/browse/OCPBUGS-14571): Check all storage classes including CSI storageclasses [#120](https://github.com/openshift/vsphere-problem-detector/pull/120) * [OCPBUGS-14098](https://issues.redhat.com/browse/OCPBUGS-14098): In UPI clusters VSphere platform could be nil [#118](https://github.com/openshift/vsphere-problem-detector/pull/118) * [OCPBUGS-14085](https://issues.redhat.com/browse/OCPBUGS-14085): Log vcenter version information [#117](https://github.com/openshift/vsphere-problem-detector/pull/117) * [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/e10dc55232d1bf9f11251f63abcb72fe75bedd75...3ad7408fb53a9377d9f5b2cf5ae38570a9ec5c59)