# 4.13.54 Created: 2024-12-05 15:24:54 +0000 UTC Image Digest: `sha256:bfe066b4b30eeb48f1099339131d56d4005f0867d4e4b3484e3fcfee39b3d26f` ## Changes from 4.13.15 ### Components * Kubernetes upgraded from 1.26.9 to 1.26.15 * Red Hat Enterprise Linux CoreOS upgraded from 413.92.202310021538-0 to 413.92.202411212100-0 ### Rebuilt images without code change * [alibaba-machine-controllers](https://github.com/openshift/cluster-api-provider-alibaba) git [4c0f96a6](https://github.com/openshift/cluster-api-provider-alibaba/commit/4c0f96a692dee91100d7085c05a68f3efb7e281d) `sha256:abc31d6d805f48073c5c43e1cbe6ed92d90857a5e777f2d3663b1ee7f49779c8` * [cluster-bootstrap](https://github.com/openshift/cluster-bootstrap) git [ee908b6b](https://github.com/openshift/cluster-bootstrap/commit/ee908b6bb91dee3e61aface46d53a00b4e9288a2) `sha256:9f0ac692e26d470b88a5ff29ee51b7cb53e1bca060a942f30df68c1cff7dd09c` * [configmap-reloader](https://github.com/openshift/configmap-reload) git [9adad592](https://github.com/openshift/configmap-reload/commit/9adad592e7d9bd5a723add16488e68365a64977f) `sha256:510c453e836ee92024a59cbe6192b962bc23542ceeaf2a13bab217c0316d9a53` * [csi-driver-nfs](https://github.com/openshift/csi-driver-nfs) git [2b914c21](https://github.com/openshift/csi-driver-nfs/commit/2b914c2161722ebf11f9275fa29e00a0b1306da1) `sha256:09c47351b6cde2dff1d398fc6f736e5be70ea95b2b985255941510b8b745db4b` * [docker-registry](https://github.com/openshift/image-registry) git [47a15ac8](https://github.com/openshift/image-registry/commit/47a15ac8b7233bb1de44c1364bbd787de2edaaf0) `sha256:e9eb8a7420bb2331836315d4716f4c61a1890e80ecd1af170ae6b0e2799a6c16` * [driver-toolkit](https://github.com/openshift/driver-toolkit) git [d719bdcf](https://github.com/openshift/driver-toolkit/commit/d719bdcfa49bc18b729117ee513a86a1ddecb63a) `sha256:5ad504e54f7eb23228c77faf74af0b2fe95ba3978c35c5c6f3694097deaf2801` * [ibmcloud-machine-controllers](https://github.com/openshift/machine-api-provider-ibmcloud) git [bb253a0c](https://github.com/openshift/machine-api-provider-ibmcloud/commit/bb253a0c607f7d1f8139ffd401bd6c9c432090d1) `sha256:e49b1f72ac62e2dbe8ae9532a2c8292509f683ca80ee638212aab23abcb5dc05` * [ironic-machine-os-downloader](https://github.com/openshift/ironic-rhcos-downloader) git [ce291779](https://github.com/openshift/ironic-rhcos-downloader/commit/ce2917794de5723248fe3302c8833f89fb54265a) `sha256:2b96333a3621381712983912cb2d53abd574760ca07292e6cace5084f3fa1c75` * [ironic-static-ip-manager](https://github.com/openshift/ironic-static-ip-manager) git [4536724a](https://github.com/openshift/ironic-static-ip-manager/commit/4536724a8644fda91a74b23901ba1789eaff7179) `sha256:83df2b35956be66b69818ede3780faad5b723fe639d119d4a1531b15d151f46e` * [kube-storage-version-migrator](https://github.com/openshift/kubernetes-kube-storage-version-migrator) git [bad104d1](https://github.com/openshift/kubernetes-kube-storage-version-migrator/commit/bad104d13ba95bc850f5aaf96436f793d7985864) `sha256:fc4430529ac270ab53a3f4c120b1ef3395e71331c5139587b55558e57a7888dd` * [kubevirt-cloud-controller-manager](https://github.com/openshift/cloud-provider-kubevirt) git [ee2033ec](https://github.com/openshift/cloud-provider-kubevirt/commit/ee2033ecd471dc9fc08d101c421a04916f4f55c5) `sha256:8c4beab1fd1a41648cfb32a93d523bba1d6e724b01738beb95a98cf75473aa1f` * [kuryr-cni](https://github.com/openshift/kuryr-kubernetes) git [36754b7b](https://github.com/openshift/kuryr-kubernetes/commit/36754b7b90928e26811e1c5ea13e7d0bd85709de) `sha256:ddac1dcf356421eb0221f87d0644e09a86064903026717cf054f83764c9fb8f6` * [kuryr-controller](https://github.com/openshift/kuryr-kubernetes) git [36754b7b](https://github.com/openshift/kuryr-kubernetes/commit/36754b7b90928e26811e1c5ea13e7d0bd85709de) `sha256:1cd647642c757fec41647a0163af2b8366edf8fd1998a6ac81c50bc5e456b80b` * [libvirt-machine-controllers](https://github.com/openshift/cluster-api-provider-libvirt) git [d4b7a8ab](https://github.com/openshift/cluster-api-provider-libvirt/commit/d4b7a8ab790a970ce2f0374146248b2307df0185) `sha256:cae5f2f8833057419daafd1d1569ff654094c379d9df075a2e819673c407636c` * machine-os-content `sha256:372aebcfa12c7cca69becda6499ac1e79f8e3f8c340fa119a2df78cd2db5d72e` * [machine-os-images](https://github.com/openshift/machine-os-images) git [b14856ff](https://github.com/openshift/machine-os-images/commit/b14856ffbc8fbe1f986cf1b7b835bbeaa786ce5e) `sha256:5a8427f9d1d71638bb592bf5b30c51a39e526558558862c6d1f9455a3b56cab1` * [multus-route-override-cni](https://github.com/openshift/route-override-cni) git [ca3bbec5](https://github.com/openshift/route-override-cni/commit/ca3bbec5c75ebcd6814bdd74856b27db755c9fa3) `sha256:5449c6686344945f502937024b41c6cc7bbde62a619d81490e8341ab7a501f66` * [must-gather](https://github.com/openshift/must-gather) git [288ef2fc](https://github.com/openshift/must-gather/commit/288ef2fcfe63cbfab0af69a41b508c044ee890aa) `sha256:1a3e128db74439804f2ed0e917e12a7e2a21596014c707fdd0f4604fc914fd1c` * [network-interface-bond-cni](https://github.com/openshift/bond-cni) git [84bda2af](https://github.com/openshift/bond-cni/commit/84bda2afb2ab260253b77d5d282df773cc6b3438) `sha256:ea22ba5f2079d52b36f2e3df361f9464e8a803d0810860ef1cd97d3baca54244` * [network-tools](https://github.com/openshift/network-tools) git [073feda1](https://github.com/openshift/network-tools/commit/073feda14fbd894c4238d693afa38a06392f2360) `sha256:d58d715f48956b91e64e4b2b84b8284a04eda99f66c5692f77afeb03fa3f3046` * [nutanix-cloud-controller-manager](https://github.com/openshift/cloud-provider-nutanix) git [4d1c58e2](https://github.com/openshift/cloud-provider-nutanix/commit/4d1c58e2b97f00e64ab4332d18dfdd531fb9cc4e) `sha256:a7b2b7f84e5c98dea513959e385cc1d5f4fb0a6d244c9437d493f980ec084cd5` * [oauth-proxy](https://github.com/openshift/oauth-proxy) git [44af5a3a](https://github.com/openshift/oauth-proxy/commit/44af5a3a021fd158c2e44d9951ad59a3d474cdf3) `sha256:4aee098861080f307e69b0f7ef7a7e5ddc12ec0a674750945d4ee30d02feb29b` * [ovirt-machine-controllers](https://github.com/openshift/cluster-api-provider-ovirt) git [22d89b3f](https://github.com/openshift/cluster-api-provider-ovirt/commit/22d89b3fd9e2e395a62f71092487d26c8940052e) `sha256:47d3e004e4d34884669eb8906faa236e9e4006dd47f67e322e1295dd525ce5e3` * [prom-label-proxy](https://github.com/openshift/prom-label-proxy) git [b501d5e2](https://github.com/openshift/prom-label-proxy/commit/b501d5e2aff82d46a141223636b522aeae95b915) `sha256:071024759069eb72b01e434b21e5be7143c684a6392ab552b6b3979d6a53ce8a` * rhel-coreos `sha256:646b4f849f07b11b43e73c4352f9dbb2f42ecfc104364c5977fea8eb4dbc5adc` * rhel-coreos-extensions `sha256:8cf453c3c9d9b62c82803cc103ffecd997b3cd09f5a41bca60e9bed4dacd05cc` * [route-controller-manager](https://github.com/openshift/route-controller-manager) git [6667a6cb](https://github.com/openshift/route-controller-manager/commit/6667a6cbf9a87331fcc4407375118c0bb884c925) `sha256:d13b1f9887edbf020b1eaf18efc76116e0b89803f3c0a17e255a10b79bc0da0b` ### [agent-installer-api-server](https://github.com/openshift/assisted-service/tree/ec6e27b020dd607995b494589c607442cb1639d6) * [OCPBUGS-13611](https://issues.redhat.com/browse/OCPBUGS-13611): Update version go-http-metrics/gin (#6919) [#6919](https://github.com/openshift/assisted-service/pull/6919) * [MGMT-17595](https://issues.redhat.com/browse/MGMT-17595): Bump x/net to v0.24.0 to mitigate CVE-2023-45288 (#6215) [#6215](https://github.com/openshift/assisted-service/pull/6215) * [MGMT-17588](https://issues.redhat.com/browse/MGMT-17588): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#6202) [#6202](https://github.com/openshift/assisted-service/pull/6202) * [MGMT-17541](https://issues.redhat.com/browse/MGMT-17541): Replace broken golangci reference (#6196) [#6196](https://github.com/openshift/assisted-service/pull/6196) * NO-ISSUE: replace postgres images as current one disappeared from quay (#6133) [#6133](https://github.com/openshift/assisted-service/pull/6133) * [Full changelog](https://github.com/openshift/assisted-service/compare/06189bcdb0bea068f8ac51a3550fcdcbde522a76...ec6e27b020dd607995b494589c607442cb1639d6) ### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/19034d841ba718740ad4c4d821924a79db2843ff) * [OCPBUGS-13612](https://issues.redhat.com/browse/OCPBUGS-13612): Update version go-http-metrics/gin (#935) [#935](https://github.com/openshift/assisted-installer/pull/935) * [MGMT-17595](https://issues.redhat.com/browse/MGMT-17595): Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#835) [#835](https://github.com/openshift/assisted-installer/pull/835) * [MGMT-17588](https://issues.redhat.com/browse/MGMT-17588): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#829) [#829](https://github.com/openshift/assisted-installer/pull/829) * [MGMT-17541](https://issues.redhat.com/browse/MGMT-17541): Replace broken golangci reference (#826) [#826](https://github.com/openshift/assisted-installer/pull/826) * [Full changelog](https://github.com/openshift/assisted-installer/compare/edf25423e34294b754ac16a67dbaf1aed7467ca4...19034d841ba718740ad4c4d821924a79db2843ff) ### [agent-installer-node-agent](https://github.com/openshift/assisted-installer-agent/tree/6ee27bc3b9e57763c16d795b355afb890256ff32) * [MGMT-17595](https://issues.redhat.com/browse/MGMT-17595): Bump x/net to at least v0.24.0 to mitigate CVE-2023-45288 (#706) [#706](https://github.com/openshift/assisted-installer-agent/pull/706) * NO-ISSUE: Quick fix for broken ignition download test in 4.13 release (#700) [#700](https://github.com/openshift/assisted-installer-agent/pull/700) * [MGMT-17588](https://issues.redhat.com/browse/MGMT-17588): Bump runc to v1.1.12 to mitigate CVE-2024-21626 (#702) [#702](https://github.com/openshift/assisted-installer-agent/pull/702) * [MGMT-17541](https://issues.redhat.com/browse/MGMT-17541): Replace broken golangci reference (#697) [#697](https://github.com/openshift/assisted-installer-agent/pull/697) * [MGMT-13111](https://issues.redhat.com/browse/MGMT-13111): Freeze on `404 Not Found` (#628) [#628](https://github.com/openshift/assisted-installer-agent/pull/628) * [Full changelog](https://github.com/openshift/assisted-installer-agent/compare/35357f5725d925f451c29668c0b9e307998c6ac5...6ee27bc3b9e57763c16d795b355afb890256ff32) ### [alibaba-cloud-controller-manager](https://github.com/openshift/cloud-provider-alibaba-cloud/tree/e41e11ccf25fa74e4cfb4ace124f35cffc0191a7) * [OCPBUGS-21238](https://issues.redhat.com/browse/OCPBUGS-21238): Bump golang.org/x/net to v0.19.0 [#43](https://github.com/openshift/cloud-provider-alibaba-cloud/pull/43) * [Full changelog](https://github.com/openshift/cloud-provider-alibaba-cloud/compare/b5200baa784513b77437809c63fcc80cfd53c9df...e41e11ccf25fa74e4cfb4ace124f35cffc0191a7) ### [alibaba-cloud-csi-driver](https://github.com/openshift/alibaba-cloud-csi-driver/tree/6384f904d041b761670532ac183271b8110707f2) * [OCPBUGS-21329](https://issues.redhat.com/browse/OCPBUGS-21329): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#37](https://github.com/openshift/alibaba-cloud-csi-driver/pull/37) * [Full changelog](https://github.com/openshift/alibaba-cloud-csi-driver/compare/94667c6c213f07ec7613a6d6e831d64ee73181e1...6384f904d041b761670532ac183271b8110707f2) ### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/7e415973dda671d82ae58d0107af274ff053db5c) * [OCPBUGS-21428](https://issues.redhat.com/browse/OCPBUGS-21428): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#65](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/65) * [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/c08d87a1d043dc04d3d3cb59be9265ee5ed29b06...7e415973dda671d82ae58d0107af274ff053db5c) ### [apiserver-network-proxy](https://github.com/openshift/apiserver-network-proxy/tree/f56c606ae15041b0c981e654ab577d2b0a3a0a8f) * [OCPBUGS-38066](https://issues.redhat.com/browse/OCPBUGS-38066): Revert "Agent: Respect HTTPS_PROXY env vars for proxied connections" [#61](https://github.com/openshift/apiserver-network-proxy/pull/61) * [OCPBUGS-31984](https://issues.redhat.com/browse/OCPBUGS-31984): Bump golang.org/x/net to v0.23.0 [#52](https://github.com/openshift/apiserver-network-proxy/pull/52) * [HOSTEDCP-1323](https://issues.redhat.com/browse/HOSTEDCP-1323): Merge latest code into 4.14 branch [#45](https://github.com/openshift/apiserver-network-proxy/pull/45) * [Full changelog](https://github.com/openshift/apiserver-network-proxy/compare/f1e6d94ca51afe169bc038acb0b06cedea16d617...f56c606ae15041b0c981e654ab577d2b0a3a0a8f) ### [aws-cloud-controller-manager](https://github.com/openshift/cloud-provider-aws/tree/95c03b7b838f7c78efe8957b50c50a22cd625be7) * [OCPBUGS-32073](https://issues.redhat.com/browse/OCPBUGS-32073): update for CVE-2023-45288 [release-4.13] [#84](https://github.com/openshift/cloud-provider-aws/pull/84) * [OCPBUGS-27964](https://issues.redhat.com/browse/OCPBUGS-27964): bump go.opentelemetry.io [#72](https://github.com/openshift/cloud-provider-aws/pull/72) * [OCPBUGS-20738](https://issues.redhat.com/browse/OCPBUGS-20738): Update golang.org/x/net to v0.17.0 [#54](https://github.com/openshift/cloud-provider-aws/pull/54) * [Full changelog](https://github.com/openshift/cloud-provider-aws/compare/946daa07dbf49c4a1860a1c3fc4c05fa685c6590...95c03b7b838f7c78efe8957b50c50a22cd625be7) ### [aws-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-aws/tree/27360a3967ed742a9eb1b0c2ed539d99ec6b9424) * [OCPBUGS-32470](https://issues.redhat.com/browse/OCPBUGS-32470): UPSTREAM: 4670:Update awsmachine providerID and instanceID immediately after ec2:RunInstances is called [#509](https://github.com/openshift/cluster-api-provider-aws/pull/509) * [OCPBUGS-20836](https://issues.redhat.com/browse/OCPBUGS-20836): bump golang.org/x/net to v0.17.0 [#482](https://github.com/openshift/cluster-api-provider-aws/pull/482) * [Full changelog](https://github.com/openshift/cluster-api-provider-aws/compare/acb52a088682bf4019d616523881401526437fd3...27360a3967ed742a9eb1b0c2ed539d99ec6b9424) ### [aws-ebs-csi-driver](https://github.com/openshift/aws-ebs-csi-driver/tree/8205d51c798f8fea91eb6c1702fb63e7d6c17005) * [OCPBUGS-33363](https://issues.redhat.com/browse/OCPBUGS-33363): [release-4.13] UPSTREAM: 1919: Add reserved-volume-attachments [#266](https://github.com/openshift/aws-ebs-csi-driver/pull/266) * [OCPBUGS-20939](https://issues.redhat.com/browse/OCPBUGS-20939): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#240](https://github.com/openshift/aws-ebs-csi-driver/pull/240) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver/compare/923631d779405e7cb684c174fa42e589c318060f...8205d51c798f8fea91eb6c1702fb63e7d6c17005) ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/8f05d9cd9f35c40ab0929577a9650a02c88a2be0) * [OCPBUGS-33363](https://issues.redhat.com/browse/OCPBUGS-33363): Explicitly reserve 1 attachment for the root disk [#307](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/307) * [OCPBUGS-21034](https://issues.redhat.com/browse/OCPBUGS-21034): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#281](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/281) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/baf14a425efed2764c79d630d5aecb4744066397...8f05d9cd9f35c40ab0929577a9650a02c88a2be0) ### [aws-machine-controllers](https://github.com/openshift/machine-api-provider-aws/tree/e1a57b5e4ce731e8f90cd2c0d4ded81e40fa7a37) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#96](https://github.com/openshift/machine-api-provider-aws/pull/96) * [OCPBUGS-21568](https://issues.redhat.com/browse/OCPBUGS-21568): Update golang.org/x/net to v0.17.0 [#89](https://github.com/openshift/machine-api-provider-aws/pull/89) * [Full changelog](https://github.com/openshift/machine-api-provider-aws/compare/ba3b3a31ca9efcc984015280965a4b28ffd740e0...e1a57b5e4ce731e8f90cd2c0d4ded81e40fa7a37) ### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/ae01a272aff73b1390ee4c3934cc2382370a1660) * [OCPBUGS-32882](https://issues.redhat.com/browse/OCPBUGS-32882): Upgrade go-jose module to 2.6.3 [#190](https://github.com/openshift/aws-pod-identity-webhook/pull/190) * [OCPBUGS-21331](https://issues.redhat.com/browse/OCPBUGS-21331): Upgrade golang/x/net for CVE-2023-39325 [#184](https://github.com/openshift/aws-pod-identity-webhook/pull/184) * NO-ISSUE: Sync OWNERS with team members [#177](https://github.com/openshift/aws-pod-identity-webhook/pull/177) * snyk: exclude vendor/ [#172](https://github.com/openshift/aws-pod-identity-webhook/pull/172) * [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/125a4b45d02ac7596406e43810398688b25ec91d...ae01a272aff73b1390ee4c3934cc2382370a1660) ### [azure-cloud-controller-manager, azure-cloud-node-manager](https://github.com/openshift/cloud-provider-azure/tree/bf9bd02236e13c426d58c9828685dd6c598ff15f) * [OCPBUGS-21419](https://issues.redhat.com/browse/OCPBUGS-21419): Bump golang.org/x/net to v0.18.0 [#94](https://github.com/openshift/cloud-provider-azure/pull/94) * [Full changelog](https://github.com/openshift/cloud-provider-azure/compare/b8d243397ff297baf875a88132f84d8cef34b968...bf9bd02236e13c426d58c9828685dd6c598ff15f) ### [azure-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-azure/tree/3f757a8f2ada44c7124f5d0205feb29b0fff1977) * [OCPBUGS-36022](https://issues.redhat.com/browse/OCPBUGS-36022): Update go-retryablehttp to v0.7.7 [#314](https://github.com/openshift/cluster-api-provider-azure/pull/314) * [OCPBUGS-21503](https://issues.redhat.com/browse/OCPBUGS-21503): bump golang.org/x/net to v0.17.0 [#288](https://github.com/openshift/cluster-api-provider-azure/pull/288) * [Full changelog](https://github.com/openshift/cluster-api-provider-azure/compare/8846366f4ae63a63ab75a35761cca1c95dee3c84...3f757a8f2ada44c7124f5d0205feb29b0fff1977) ### [azure-disk-csi-driver](https://github.com/openshift/azure-disk-csi-driver/tree/b6d3fbcbf312f03247092323a88a43873b693f22) * [OCPBUGS-23216](https://issues.redhat.com/browse/OCPBUGS-23216): Update to v1.26.7 [#63](https://github.com/openshift/azure-disk-csi-driver/pull/63) * [OCPBUGS-20688](https://issues.redhat.com/browse/OCPBUGS-20688): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#55](https://github.com/openshift/azure-disk-csi-driver/pull/55) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver/compare/89e21d61f6f23b2e89f1b24096e458d6ade8a40a...b6d3fbcbf312f03247092323a88a43873b693f22) ### [azure-disk-csi-driver-operator](https://github.com/openshift/azure-disk-csi-driver-operator/tree/8534d7563e209e12eec38a2027cd1d9efd530071) * [OCPBUGS-20766](https://issues.redhat.com/browse/OCPBUGS-20766): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#102](https://github.com/openshift/azure-disk-csi-driver-operator/pull/102) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver-operator/compare/842415aa35f7151c34645161ef6aede60354ae2a...8534d7563e209e12eec38a2027cd1d9efd530071) ### [azure-file-csi-driver](https://github.com/openshift/azure-file-csi-driver/tree/15e6f80ec4be826cd5d03ef4126be0dd171b506e) * [OCPBUGS-41678](https://issues.redhat.com/browse/OCPBUGS-41678): bump mount-utils to treat ENODEV error as corrupted mount [#81](https://github.com/openshift/azure-file-csi-driver/pull/81) * [OCPBUGS-20862](https://issues.redhat.com/browse/OCPBUGS-20862): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#38](https://github.com/openshift/azure-file-csi-driver/pull/38) * [Full changelog](https://github.com/openshift/azure-file-csi-driver/compare/60e0cb86a6055e420bfdb52530d0a0d6418f47fd...15e6f80ec4be826cd5d03ef4126be0dd171b506e) ### [azure-file-csi-driver-operator](https://github.com/openshift/azure-file-csi-driver-operator/tree/70e0530255150e513061730f7624c9c235ee7c38) * [OCPBUGS-20964](https://issues.redhat.com/browse/OCPBUGS-20964): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#77](https://github.com/openshift/azure-file-csi-driver-operator/pull/77) * [Full changelog](https://github.com/openshift/azure-file-csi-driver-operator/compare/a79311d87a15769d1bad162d80fb9cb978478a42...70e0530255150e513061730f7624c9c235ee7c38) ### [azure-machine-controllers](https://github.com/openshift/machine-api-provider-azure/tree/62f6e0f3091262a84e1d6240e2086f35635b5b5b) * [OCPBUGS-29906](https://issues.redhat.com/browse/OCPBUGS-29906): Don't create availability set when using spot instances [#104](https://github.com/openshift/machine-api-provider-azure/pull/104) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#89](https://github.com/openshift/machine-api-provider-azure/pull/89) * [OCPBUGS-20758](https://issues.redhat.com/browse/OCPBUGS-20758): Bump x/net package to v0.18.0 [#83](https://github.com/openshift/machine-api-provider-azure/pull/83) * [Full changelog](https://github.com/openshift/machine-api-provider-azure/compare/2c0c0ec9d486f737044033f5010a91e117c4e492...62f6e0f3091262a84e1d6240e2086f35635b5b5b) ### [baremetal-installer, installer, installer-artifacts](https://github.com/openshift/installer/tree/22d34573ae3c910c9f03d9ee7c11ee7f03da10b8) * [OCPBUGS-39217](https://issues.redhat.com/browse/OCPBUGS-39217): Add yq v4 to ci image [#8922](https://github.com/openshift/installer/pull/8922) * [OCPBUGS-36088](https://issues.redhat.com/browse/OCPBUGS-36088): [release-4.13]: bump go-retryablehttp for CVE fix [#8659](https://github.com/openshift/installer/pull/8659) * [OCPBUGS-29124](https://issues.redhat.com/browse/OCPBUGS-29124): IBMCloud: Handle disk delete errors [#7989](https://github.com/openshift/installer/pull/7989) * [OCPBUGS-37168](https://issues.redhat.com/browse/OCPBUGS-37168): Add yq-v4 to the upi-installer image for CI [#8743](https://github.com/openshift/installer/pull/8743) * [OCPBUGS-35976](https://issues.redhat.com/browse/OCPBUGS-35976): [release-4.13] bump github.com/containers/image for CVE fix [#8651](https://github.com/openshift/installer/pull/8651) * [OCPBUGS-33732](https://issues.redhat.com/browse/OCPBUGS-33732): preserve category name when trying to find tag category [#8419](https://github.com/openshift/installer/pull/8419) * [OCPBUGS-33062](https://issues.redhat.com/browse/OCPBUGS-33062): openstack: Honour worker server group policy [#8323](https://github.com/openshift/installer/pull/8323) * [OCPBUGS-32359](https://issues.redhat.com/browse/OCPBUGS-32359): Updated libvirt installer to include multi-arch yq and symlink for backwards compatibility [#8284](https://github.com/openshift/installer/pull/8284) * [OCPBUGS-22979](https://issues.redhat.com/browse/OCPBUGS-22979): IBMCloud: Add eu-es region [#7685](https://github.com/openshift/installer/pull/7685) * [OCPBUGS-30629](https://issues.redhat.com/browse/OCPBUGS-30629): baremetal: populate customDeploy in advance [#8129](https://github.com/openshift/installer/pull/8129) * [OCPBUGS-29627](https://issues.redhat.com/browse/OCPBUGS-29627): update RHCOS 4.13 bootimage metadata to 413.92.202402131523-0 [#8038](https://github.com/openshift/installer/pull/8038) * [OCPBUGS-30000](https://issues.redhat.com/browse/OCPBUGS-30000): [release-4.13] Bump containerd for vulnerability fix [#8073](https://github.com/openshift/installer/pull/8073) * [OCPBUGS-28654](https://issues.redhat.com/browse/OCPBUGS-28654): Fix depreciated typo [#7963](https://github.com/openshift/installer/pull/7963) * [OCPBUGS-27453](https://issues.redhat.com/browse/OCPBUGS-27453): baremetal: correct external_http_url for v6-only BMCs [#7934](https://github.com/openshift/installer/pull/7934) * [OCPBUGS-23499](https://issues.redhat.com/browse/OCPBUGS-23499): update RHCOS 4.13 bootimage metadata to 413.92.202401100947-0 [#7920](https://github.com/openshift/installer/pull/7920) * [OCPBUGS-25420](https://issues.redhat.com/browse/OCPBUGS-25420): destroy: gcp: fix destroying regional disks [#7840](https://github.com/openshift/installer/pull/7840) * [OCPBUGS-23464](https://issues.redhat.com/browse/OCPBUGS-23464): Add KMS encryption keys if provided [#7746](https://github.com/openshift/installer/pull/7746) * [OCPBUGS-23141](https://issues.redhat.com/browse/OCPBUGS-23141): Specify google cloud CLI to version 447.0.0 [#7706](https://github.com/openshift/installer/pull/7706) * [OCPBUGS-22939](https://issues.redhat.com/browse/OCPBUGS-22939): azure: validation: validate defaultMachinePlatform [#7679](https://github.com/openshift/installer/pull/7679) * [OCPBUGS-14551](https://issues.redhat.com/browse/OCPBUGS-14551): [vSphere] Upi installation failed due to VMs for master and worker node creation failed [#7229](https://github.com/openshift/installer/pull/7229) * [OCPBUGS-19307](https://issues.redhat.com/browse/OCPBUGS-19307): Implement workaround to allow SNO installations for OKD/FCOS [#7480](https://github.com/openshift/installer/pull/7480) * [OCPBUGS-18787](https://issues.redhat.com/browse/OCPBUGS-18787): vSphere set bootstrap/master efi [#7481](https://github.com/openshift/installer/pull/7481) * [OCPBUGS-19320](https://issues.redhat.com/browse/OCPBUGS-19320): [release-4.13] for vsphere ipi add cluster domain to the uploaded vm configs so that… [#7498](https://github.com/openshift/installer/pull/7498) * [OCPBUGS-20141](https://issues.redhat.com/browse/OCPBUGS-20141): [release-4.13] Use updated ansible-core for Openstack image [#7559](https://github.com/openshift/installer/pull/7559) * [Full changelog](https://github.com/openshift/installer/compare/7cbe79cbc9a8704552b95c96721b7c73e0d5e552...22d34573ae3c910c9f03d9ee7c11ee7f03da10b8) ### [baremetal-machine-controllers](https://github.com/openshift/cluster-api-provider-baremetal/tree/336497557b48d67635a7be2bf26ae6a885a67560) * [OCPBUGS-29822](https://issues.redhat.com/browse/OCPBUGS-29822): Extend metal3remediation aggregation role [#212](https://github.com/openshift/cluster-api-provider-baremetal/pull/212) * [OCPBUGS-21701](https://issues.redhat.com/browse/OCPBUGS-21701): Uplift x/net to v0.17.0 [#199](https://github.com/openshift/cluster-api-provider-baremetal/pull/199) * [Full changelog](https://github.com/openshift/cluster-api-provider-baremetal/compare/7de328a2d332833257fde75368e624908a3eec13...336497557b48d67635a7be2bf26ae6a885a67560) ### [baremetal-operator](https://github.com/openshift/baremetal-operator/tree/f6db335c7a6fe564a6ef56a98b71e230e685fc6f) * [OCPBUGS-30629](https://issues.redhat.com/browse/OCPBUGS-30629): Do not update instance_info and deploy_interface for active nodes [#337](https://github.com/openshift/baremetal-operator/pull/337) * [OCPBUGS-23504](https://issues.redhat.com/browse/OCPBUGS-23504): hack for deploying V6-only clusters from dualstack hubs [#321](https://github.com/openshift/baremetal-operator/pull/321) * [OCPBUGS-21167](https://issues.redhat.com/browse/OCPBUGS-21167): Uplift x/net to v0.17.0 [#309](https://github.com/openshift/baremetal-operator/pull/309) * [Full changelog](https://github.com/openshift/baremetal-operator/compare/12e53b8aeee5bb4d576e88dad5611c798928249b...f6db335c7a6fe564a6ef56a98b71e230e685fc6f) ### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/1280cf541c220af73b9886379dad2dfa4921f73b) * [OCPBUGS-26929](https://issues.redhat.com/browse/OCPBUGS-26929): Add .snyk file to ignore vendor and test files [#295](https://github.com/openshift/baremetal-runtimecfg/pull/295) * [OCPBUGS-22207](https://issues.redhat.com/browse/OCPBUGS-22207): deps: upgrade x/sys [#282](https://github.com/openshift/baremetal-runtimecfg/pull/282) * [OCPBUGS-20081](https://issues.redhat.com/browse/OCPBUGS-20081): Increase timeout for bootstrap kubeapi [#278](https://github.com/openshift/baremetal-runtimecfg/pull/278) * [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/dc50979bf902b9e217ab694b225f391529b92963...1280cf541c220af73b9886379dad2dfa4921f73b) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/d192e901ece237d9ae1580d73e78f423ec2ef322) * [OCPBUGS-30288](https://issues.redhat.com/browse/OCPBUGS-30288): oc adm catalog mirror: use ToSlash and FromSlash to unify the path separators [#1700](https://github.com/openshift/oc/pull/1700) * [OCPBUGS-25418](https://issues.redhat.com/browse/OCPBUGS-25418): Add client version in must-gather summary [#1635](https://github.com/openshift/oc/pull/1635) * [OCPBUGS-24461](https://issues.redhat.com/browse/OCPBUGS-24461): Overwrite template's namespace with the explicit one [#1617](https://github.com/openshift/oc/pull/1617) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add OAuth2 Authorization Code Grant Flow for login [#1599](https://github.com/openshift/oc/pull/1599) * [OCPBUGS-22815](https://issues.redhat.com/browse/OCPBUGS-22815): regeneratemco: explicitly check for PlatformStatus field [#1593](https://github.com/openshift/oc/pull/1593) * [OCPBUGS-20298](https://issues.redhat.com/browse/OCPBUGS-20298): Use quay redis image instead docker mysql [#1566](https://github.com/openshift/oc/pull/1566) * [OCPBUGS-19942](https://issues.redhat.com/browse/OCPBUGS-19942): Truncate existing files when writing from inspect [#1553](https://github.com/openshift/oc/pull/1553) * [Full changelog](https://github.com/openshift/oc/compare/17b7accf8fd25125ce015cf4bea7d3cd3f336317...d192e901ece237d9ae1580d73e78f423ec2ef322) ### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/1c2c2aa11f28e705e3d31085b22cbe533e335787) * [OCPBUGS-43340](https://issues.redhat.com/browse/OCPBUGS-43340): Update github.com/sirupsen/logrus v1.8.3 [#770](https://github.com/openshift/cloud-credential-operator/pull/770) * [OCPBUGS-37834](https://issues.redhat.com/browse/OCPBUGS-37834): Resolve SNYK errors in security job. [#743](https://github.com/openshift/cloud-credential-operator/pull/743) * [OCPBUGS-37421](https://issues.redhat.com/browse/OCPBUGS-37421): SNYK ignore go-client misreporting [#740](https://github.com/openshift/cloud-credential-operator/pull/740) * [OCPBUGS-36028](https://issues.redhat.com/browse/OCPBUGS-36028): IBM/go-sdk-core update to v5.17.4 [#722](https://github.com/openshift/cloud-credential-operator/pull/722) * [OCPBUGS-32898](https://issues.redhat.com/browse/OCPBUGS-32898): Upgrade go-jose module to 2.6.3 [#698](https://github.com/openshift/cloud-credential-operator/pull/698) * [OCPBUGS-27912](https://issues.redhat.com/browse/OCPBUGS-27912): Resolve all outstanding snyk vulnerabilities [#651](https://github.com/openshift/cloud-credential-operator/pull/651) * NO-JIRA: Removing andrew from OWNERS [#644](https://github.com/openshift/cloud-credential-operator/pull/644) * [OCPBUGS-25369](https://issues.redhat.com/browse/OCPBUGS-25369): Discover AWS dns suffix from partition and region. [#640](https://github.com/openshift/cloud-credential-operator/pull/640) * [OCPBUGS-21367](https://issues.redhat.com/browse/OCPBUGS-21367): Upgrade golang/x/net for CVE-2023-39325 [#623](https://github.com/openshift/cloud-credential-operator/pull/623) * snyk: exclude vendor/ [#616](https://github.com/openshift/cloud-credential-operator/pull/616) * [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/0621fcaf818f57ab05602259c1eb14db07b68dce...1c2c2aa11f28e705e3d31085b22cbe533e335787) ### [cloud-network-config-controller](https://github.com/openshift/cloud-network-config-controller/tree/d377281c10ab68ea3faf4775f015c1651004b0ff) * [OCPBUGS-32180](https://issues.redhat.com/browse/OCPBUGS-32180): Avoid nil pointer panic while assigning private IP on Azure [#139](https://github.com/openshift/cloud-network-config-controller/pull/139) * [OCPBUGS-22299](https://issues.redhat.com/browse/OCPBUGS-22299): Azure: skip backend pool if attached to an outbound rule [#126](https://github.com/openshift/cloud-network-config-controller/pull/126) * [Full changelog](https://github.com/openshift/cloud-network-config-controller/compare/4f190d6b8c06257071e01b4d75ea9ae33fd20885...d377281c10ab68ea3faf4775f015c1651004b0ff) ### [cluster-authentication-operator](https://github.com/openshift/cluster-authentication-operator/tree/1801056c175da7d1e8d5507fa4558564740c7f4d) * [OCPBUGS-28760](https://issues.redhat.com/browse/OCPBUGS-28760): Fix http2 [4.13] [#654](https://github.com/openshift/cluster-authentication-operator/pull/654) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add openshift-cli-client OAuth Client [#641](https://github.com/openshift/cluster-authentication-operator/pull/641) * [OCPBUGS-22210](https://issues.redhat.com/browse/OCPBUGS-22210): increase timeout for probes [#638](https://github.com/openshift/cluster-authentication-operator/pull/638) * [Full changelog](https://github.com/openshift/cluster-authentication-operator/compare/a044dd9175d25911b799082fb189e4886391807b...1801056c175da7d1e8d5507fa4558564740c7f4d) ### [cluster-autoscaler](https://github.com/openshift/kubernetes-autoscaler/tree/c38cc4ec048d14d8e9cdda5008ab9f235fa5fdb2) * [OCPBUGS-40929](https://issues.redhat.com/browse/OCPBUGS-40929): update VPA golang.org/x/net for http rapid reset for CVE-2024-8421 [#317](https://github.com/openshift/kubernetes-autoscaler/pull/317) * [OCPBUGS-31702](https://issues.redhat.com/browse/OCPBUGS-31702): add check for taint.value == nil [#295](https://github.com/openshift/kubernetes-autoscaler/pull/295) * [OCPBUGS-30874](https://issues.redhat.com/browse/OCPBUGS-30874): Fix unstructured taint parsing in Cluster API provider [#289](https://github.com/openshift/kubernetes-autoscaler/pull/289) * [OCPBUGS-23272](https://issues.redhat.com/browse/OCPBUGS-23272): Rebase 4.13 branch onto cluster autoscaler 1.26.4 [#268](https://github.com/openshift/kubernetes-autoscaler/pull/268) * [Full changelog](https://github.com/openshift/kubernetes-autoscaler/compare/c58c53bf7a82ee46414c7f7c0f2e0e438da93eeb...c38cc4ec048d14d8e9cdda5008ab9f235fa5fdb2) ### [cluster-autoscaler-operator](https://github.com/openshift/cluster-autoscaler-operator/tree/0007e9081f1d7aecd652c0843815be4844f67453) * [OCPBUGS-31992](https://issues.redhat.com/browse/OCPBUGS-31992): Update x/net to v0.25.0 [#324](https://github.com/openshift/cluster-autoscaler-operator/pull/324) * [OCPBUGS-20770](https://issues.redhat.com/browse/OCPBUGS-20770): Bump x/net package to v0.18.0 [#299](https://github.com/openshift/cluster-autoscaler-operator/pull/299) * [Full changelog](https://github.com/openshift/cluster-autoscaler-operator/compare/8531634cd2984370912b7530798a85ff4eb86c1e...0007e9081f1d7aecd652c0843815be4844f67453) ### [cluster-baremetal-operator](https://github.com/openshift/cluster-baremetal-operator/tree/cc237f106bbe804c1e16c2781c8a2a73fb5a1099) * [OCPBUGS-31993](https://issues.redhat.com/browse/OCPBUGS-31993): bump x/net to 0.23.0 [#439](https://github.com/openshift/cluster-baremetal-operator/pull/439) * [OCPBUGS-23504](https://issues.redhat.com/browse/OCPBUGS-23504): hack for deploying V6-only clusters from dualstack hubs [#391](https://github.com/openshift/cluster-baremetal-operator/pull/391) * [OCPBUGS-23444](https://issues.redhat.com/browse/OCPBUGS-23444): Update the deprecated field APIServerInternalIP to APIServerInternalIPs [#385](https://github.com/openshift/cluster-baremetal-operator/pull/385) * [OCPBUGS-20867](https://issues.redhat.com/browse/OCPBUGS-20867): Uplift x/net to v0.17.0 [#370](https://github.com/openshift/cluster-baremetal-operator/pull/370) * [Full changelog](https://github.com/openshift/cluster-baremetal-operator/compare/3d1da56f5dd6f350497fde8be1c2020e7ecf22fc...cc237f106bbe804c1e16c2781c8a2a73fb5a1099) ### [cluster-capi-controllers](https://github.com/openshift/cluster-api/tree/12f767b2bd5de1a2641962f5d86d8564333afc65) * [OCPBUGS-21531](https://issues.redhat.com/browse/OCPBUGS-21531): bump golang.org/x/net to v0.17.0 [#185](https://github.com/openshift/cluster-api/pull/185) * [Full changelog](https://github.com/openshift/cluster-api/compare/507f873307be10d8ddbbbe0fecba68aea7c2b5c1...12f767b2bd5de1a2641962f5d86d8564333afc65) ### [cluster-capi-operator](https://github.com/openshift/cluster-capi-operator/tree/b247793dd364f280ad097f5266b4164740e43a44) * [OCPBUGS-21082](https://issues.redhat.com/browse/OCPBUGS-21082): bump golang.org/x/net to v0.17.0 [#137](https://github.com/openshift/cluster-capi-operator/pull/137) * [Full changelog](https://github.com/openshift/cluster-capi-operator/compare/ce1c9a359ec9ab0c5526cd8594ea59bb52044026...b247793dd364f280ad097f5266b4164740e43a44) ### [cluster-cloud-controller-manager-operator](https://github.com/openshift/cluster-cloud-controller-manager-operator/tree/38f638f020ff1e34d33fd44c42b0351912a74486) * [OCPBUGS-35562](https://issues.redhat.com/browse/OCPBUGS-35562): update azure and ash tolerations on node manager [#353](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/353) * [OCPBUGS-35562](https://issues.redhat.com/browse/OCPBUGS-35562): update unit tests [release-4.13] [#354](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/354) * [OCPBUGS-21169](https://issues.redhat.com/browse/OCPBUGS-21169): Bump golang.org/x/net to v0.18.0 [#296](https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/296) * [Full changelog](https://github.com/openshift/cluster-cloud-controller-manager-operator/compare/ef4594ef3f4ca535aa1d34878b79184323ecf481...38f638f020ff1e34d33fd44c42b0351912a74486) ### [cluster-config-operator](https://github.com/openshift/cluster-config-operator/tree/a6d56530c7156bef726005d640c3ded3565104ec) * [OCPBUGS-28802](https://issues.redhat.com/browse/OCPBUGS-28802): Add required PSa labels [#404](https://github.com/openshift/cluster-config-operator/pull/404) * : OCPBUGS-21269: bump library-go to include switch to HTTP/1.1 [#372](https://github.com/openshift/cluster-config-operator/pull/372) * [Full changelog](https://github.com/openshift/cluster-config-operator/compare/a9e658abf7de525b411ff005b65e061e39f58bd6...a6d56530c7156bef726005d640c3ded3565104ec) ### [cluster-control-plane-machine-set-operator](https://github.com/openshift/cluster-control-plane-machine-set-operator/tree/c9d5fa380a02478dd6d07df9461f7202b42de066) * [OCPBUGS-35380](https://issues.redhat.com/browse/OCPBUGS-35380): Improved debugging of API listing errors [#304](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/304) * [OCPBUGS-30156](https://issues.redhat.com/browse/OCPBUGS-30156): Never delete a Machine when there's a single Machine in an index [#286](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/286) * [OCPBUGS-21364](https://issues.redhat.com/browse/OCPBUGS-21364): Bump golang.org/x/net to v0.17.0 [#259](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/259) * [OCPBUGS-20482](https://issues.redhat.com/browse/OCPBUGS-20482): fix: e2e: add gcp custom type to test framework [#249](https://github.com/openshift/cluster-control-plane-machine-set-operator/pull/249) * [Full changelog](https://github.com/openshift/cluster-control-plane-machine-set-operator/compare/7af4825b90ced0b9e59a418c5f208d5521f0a421...c9d5fa380a02478dd6d07df9461f7202b42de066) ### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/c068540d9976ba0fd272e2848de9b0d31a2b7a17) * [OCPBUGS-32334](https://issues.redhat.com/browse/OCPBUGS-32334): create suitable role and roleBinding for csi-snapshot-webhook [#206](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/206) * [OCPBUGS-21461](https://issues.redhat.com/browse/OCPBUGS-21461): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#168](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/168) * [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/97b486cb22d56c7ea17b6829606ae0c555bcc426...c068540d9976ba0fd272e2848de9b0d31a2b7a17) ### [cluster-dns-operator](https://github.com/openshift/cluster-dns-operator/tree/461047ef545f66b383352eb8931af18c5a637586) * [OCPBUGS-11449](https://issues.redhat.com/browse/OCPBUGS-11449): Enable topology-aware hints iff nodes in >=2 zones [#418](https://github.com/openshift/cluster-dns-operator/pull/418) * [OCPBUGS-11449](https://issues.redhat.com/browse/OCPBUGS-11449): Ignore max unavailable for status [#417](https://github.com/openshift/cluster-dns-operator/pull/417) * [OCPBUGS-11449](https://issues.redhat.com/browse/OCPBUGS-11449): Set DNS DaemonSet's maxSurge value to 10% [#366](https://github.com/openshift/cluster-dns-operator/pull/366) * [OCPBUGS-21534](https://issues.redhat.com/browse/OCPBUGS-21534): Bump golang.org/x/net/http2 to v0.17.0 for CVE-2023-39325 in cluster-dns-operator [#390](https://github.com/openshift/cluster-dns-operator/pull/390) * [Full changelog](https://github.com/openshift/cluster-dns-operator/compare/c6768d4537b7c2969b77fea26429b2822c0ec844...461047ef545f66b383352eb8931af18c5a637586) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/2b384ac0d231264e3d8278725bc0a65a5f6bff7b) * [OCPBUGS-35077](https://issues.redhat.com/browse/OCPBUGS-35077): return errors in wait-for-ceo [#1273](https://github.com/openshift/cluster-etcd-operator/pull/1273) * [OCPBUGS-31988](https://issues.redhat.com/browse/OCPBUGS-31988): update golang x net [#1255](https://github.com/openshift/cluster-etcd-operator/pull/1255) * [OCPBUGS-30248](https://issues.redhat.com/browse/OCPBUGS-30248): fix panic in health check timeouts [#1217](https://github.com/openshift/cluster-etcd-operator/pull/1217) * [OCPBUGS-30245](https://issues.redhat.com/browse/OCPBUGS-30245): [4.13] Replace nodelister with master nodelister everywhere [#1216](https://github.com/openshift/cluster-etcd-operator/pull/1216) * [OCPBUGS-23572](https://issues.redhat.com/browse/OCPBUGS-23572): Add annotation in the etcd-guard static pod for worklo… [#1163](https://github.com/openshift/cluster-etcd-operator/pull/1163) * [OCPBUGS-23106](https://issues.redhat.com/browse/OCPBUGS-23106): [4.13] Remove z-upgrades from UpgradeBackupController [#1154](https://github.com/openshift/cluster-etcd-operator/pull/1154) * Revert "[release-4.13] OCPBUGS-23044: remove revision stability check from bootstrap complet…" [#1166](https://github.com/openshift/cluster-etcd-operator/pull/1166) * [OCPBUGS-22783](https://issues.redhat.com/browse/OCPBUGS-22783): relax readiness to local serializable requests [#1144](https://github.com/openshift/cluster-etcd-operator/pull/1144) * [OCPBUGS-23044](https://issues.redhat.com/browse/OCPBUGS-23044): remove revision stability check from bootstrap complet… [#1151](https://github.com/openshift/cluster-etcd-operator/pull/1151) * [OCPBUGS-21155](https://issues.redhat.com/browse/OCPBUGS-21155): fixing CVE-2023-39325 by updating dependencies [#1143](https://github.com/openshift/cluster-etcd-operator/pull/1143) * [OCPBUGS-20488](https://issues.redhat.com/browse/OCPBUGS-20488): prioritize podman pull in etcdctl dl [#1136](https://github.com/openshift/cluster-etcd-operator/pull/1136) * [OCPBUGS-19378](https://issues.redhat.com/browse/OCPBUGS-19378): [4.13] Backports of backup/restore fixes [#1117](https://github.com/openshift/cluster-etcd-operator/pull/1117) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/ce4cf2011428c511e38c5873e10259f9636d2f49...2b384ac0d231264e3d8278725bc0a65a5f6bff7b) ### [cluster-image-registry-operator](https://github.com/openshift/cluster-image-registry-operator/tree/19ee668b5c3f9037e1353ca9e5e3e0ca924ae31e) * [OCPBUGS-36034](https://issues.redhat.com/browse/OCPBUGS-36034): go.*,vendor: bump go-retryablehttp [#1070](https://github.com/openshift/cluster-image-registry-operator/pull/1070) * [OCPBUGS-29935](https://issues.redhat.com/browse/OCPBUGS-29935): pkg/storage/s3: enable bucket key on encryption settings [#1007](https://github.com/openshift/cluster-image-registry-operator/pull/1007) * [OCPBUGS-22126](https://issues.redhat.com/browse/OCPBUGS-22126): increase storage account key cache expiration [#940](https://github.com/openshift/cluster-image-registry-operator/pull/940) * [OCPBUGS-20698](https://issues.redhat.com/browse/OCPBUGS-20698): mitigate effects of rapid reset [#946](https://github.com/openshift/cluster-image-registry-operator/pull/946) * [Full changelog](https://github.com/openshift/cluster-image-registry-operator/compare/3ed61e2b86c3ff0eddc66baa038a6b30a579ce15...19ee668b5c3f9037e1353ca9e5e3e0ca924ae31e) ### [cluster-ingress-operator](https://github.com/openshift/cluster-ingress-operator/tree/a45f7a3a44ead85d2e36a57723fc05fc0919c63e) * [OCPBUGS-43095](https://issues.redhat.com/browse/OCPBUGS-43095): Add alert for RFC 7230 violation in Transfer-Encoding headers [#1161](https://github.com/openshift/cluster-ingress-operator/pull/1161) * [OCPBUGS-43095](https://issues.redhat.com/browse/OCPBUGS-43095): Add e2e test for duplicate Transfer-Encoding headers [#1150](https://github.com/openshift/cluster-ingress-operator/pull/1150) * [OCPBUGS-36551](https://issues.redhat.com/browse/OCPBUGS-36551): Add Regexp Anchor to TestAll [#1104](https://github.com/openshift/cluster-ingress-operator/pull/1104) * [OCPBUGS-35453](https://issues.redhat.com/browse/OCPBUGS-35453): [release-4.13] internal service changed fix target port logic [#1089](https://github.com/openshift/cluster-ingress-operator/pull/1089) * [OCPBUGS-35094](https://issues.redhat.com/browse/OCPBUGS-35094): TestHostNetworkPortBinding: Delete t.Parallel() [#1082](https://github.com/openshift/cluster-ingress-operator/pull/1082) * [OCPBUGS-34765](https://issues.redhat.com/browse/OCPBUGS-34765): Don't add clientca-configmap finalizer if deleting [#1073](https://github.com/openshift/cluster-ingress-operator/pull/1073) * [OCPBUGS-34409](https://issues.redhat.com/browse/OCPBUGS-34409): desiredRouterDeployment: Set HostPort if needed [#1062](https://github.com/openshift/cluster-ingress-operator/pull/1062) * [OCPBUGS-33990](https://issues.redhat.com/browse/OCPBUGS-33990): Avoid spurious updates for internalTrafficPolicy [Backport to 4.13] [#1055](https://github.com/openshift/cluster-ingress-operator/pull/1055) * [OCPBUGS-34476](https://issues.redhat.com/browse/OCPBUGS-34476): Use centos7 tag for quay.io/centos7/httpd-24-centos7 image [#1065](https://github.com/openshift/cluster-ingress-operator/pull/1065) * [OCPBUGS-20781](https://issues.redhat.com/browse/OCPBUGS-20781): Bump golang.org/x/net for CVE-2023-44487 [#987](https://github.com/openshift/cluster-ingress-operator/pull/987) * [OCPBUGS-22402](https://issues.redhat.com/browse/OCPBUGS-22402): test/e2e: Don't use openshift/origin-node [#991](https://github.com/openshift/cluster-ingress-operator/pull/991) * [Full changelog](https://github.com/openshift/cluster-ingress-operator/compare/2ecad04e6dcd3338b7180529a9f55cb13dff276d...a45f7a3a44ead85d2e36a57723fc05fc0919c63e) ### [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator/tree/1448124e32fe47d95c6ae3f6e275599a65498ee5) * [OCPBUGS-34062](https://issues.redhat.com/browse/OCPBUGS-34062): [4.13] add a controller that reconciles SCCs' volumes [#1677](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1677) * [OCPBUGS-25922](https://issues.redhat.com/browse/OCPBUGS-25922): [release-4.13] dashboard: use recording rules for most metrics [#1611](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1611) * : OCPBUGS-24023: Add workload partitioning annotation [#1591](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1591) * : OCPBUGS-20880: bump library-go to include switch to HTTP/1.1 [#1573](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1573) * [Full changelog](https://github.com/openshift/cluster-kube-apiserver-operator/compare/d525f5d788e2a8bbf7dd01902084c3587d32a58f...1448124e32fe47d95c6ae3f6e275599a65498ee5) ### [cluster-kube-cluster-api-operator](https://github.com/openshift/cluster-api-operator/tree/18c076b1b56e06086fc3e4ea89d6922cca2d6b4a) * [OCPBUGS-20981](https://issues.redhat.com/browse/OCPBUGS-20981): bump golang.org/x/net to v0.17.0 [#28](https://github.com/openshift/cluster-api-operator/pull/28) * [Full changelog](https://github.com/openshift/cluster-api-operator/compare/8d627a55e6d765019f4879ea20e2016e6cc0be63...18c076b1b56e06086fc3e4ea89d6922cca2d6b4a) ### [cluster-kube-controller-manager-operator](https://github.com/openshift/cluster-kube-controller-manager-operator/tree/dac7113696160d1170d9b3773afa4a4b7cb2099b) * [OCPBUGS-27066](https://issues.redhat.com/browse/OCPBUGS-27066): bump(library-go)=release-4.13 [#788](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/788) * [OCPBUGS-21103](https://issues.redhat.com/browse/OCPBUGS-21103): Drop flags removed in k8s 1.26 [4.13] [#766](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/766) * [OCPBUGS-21078](https://issues.redhat.com/browse/OCPBUGS-21078): Bump deps to address CVE-2023-44487 [4.13] [#758](https://github.com/openshift/cluster-kube-controller-manager-operator/pull/758) * [Full changelog](https://github.com/openshift/cluster-kube-controller-manager-operator/compare/cc6a31430749e2e0a1b0d9db18c6e664dd4b626e...dac7113696160d1170d9b3773afa4a4b7cb2099b) ### [cluster-kube-scheduler-operator](https://github.com/openshift/cluster-kube-scheduler-operator/tree/2e7c269b358223b89632b35840e6a91cdc7bb9aa) * [OCPBUGS-27065](https://issues.redhat.com/browse/OCPBUGS-27065): bump(library-go)=release-4.13 [#528](https://github.com/openshift/cluster-kube-scheduler-operator/pull/528) * [OCPBUGS-21811](https://issues.redhat.com/browse/OCPBUGS-21811): Bump deps to address CVE-2023-44487 [#502](https://github.com/openshift/cluster-kube-scheduler-operator/pull/502) * [Full changelog](https://github.com/openshift/cluster-kube-scheduler-operator/compare/b4c50a4d65f6971abeed1da815aac038d8700715...2e7c269b358223b89632b35840e6a91cdc7bb9aa) ### [cluster-kube-storage-version-migrator-operator](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/tree/721de5d64083b17c22f6b784bb2c78af39d7b3b0) * : OCPBUGS-21355: bump library-go to include switch to HTTP/1.1 [#97](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/97) * [Full changelog](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/compare/9f475980d1e6a70f0e9400aec6f15e5f5a6132b6...721de5d64083b17c22f6b784bb2c78af39d7b3b0) ### [cluster-machine-approver](https://github.com/openshift/cluster-machine-approver/tree/25fe7b4bd96baba2eef8c0c22521fdc8c08f981d) * [OCPBUGS-21447](https://issues.redhat.com/browse/OCPBUGS-21447): Bump x/net package to v0.18.0 [#213](https://github.com/openshift/cluster-machine-approver/pull/213) * [OCPBUGS-23368](https://issues.redhat.com/browse/OCPBUGS-23368): Filter non node CSRs in metrics [#210](https://github.com/openshift/cluster-machine-approver/pull/210) * [Full changelog](https://github.com/openshift/cluster-machine-approver/compare/ce66cd5420829c20837662770451ee1c64294d47...25fe7b4bd96baba2eef8c0c22521fdc8c08f981d) ### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/3aa76870066af1d0266ab39201856ba711fd08d7) * [OCPBUGS-33581](https://issues.redhat.com/browse/OCPBUGS-33581): label for infra nodes for metric cluster:capacity_cpu_cores:sum [#2344](https://github.com/openshift/cluster-monitoring-operator/pull/2344) * [OCPBUGS-28767](https://issues.redhat.com/browse/OCPBUGS-28767): fix generation of telemeter token hash [#2305](https://github.com/openshift/cluster-monitoring-operator/pull/2305) * [OCPBUGS-25388](https://issues.redhat.com/browse/OCPBUGS-25388): Add RHACM telemetry metric for 4.13 [#2203](https://github.com/openshift/cluster-monitoring-operator/pull/2203) * [OCPBUGS-21457](https://issues.redhat.com/browse/OCPBUGS-21457): Set the new --disable-http2 flag for prometheus-adapter to disable HTTP2 [#2146](https://github.com/openshift/cluster-monitoring-operator/pull/2146) * [OCPBUGS-22920](https://issues.redhat.com/browse/OCPBUGS-22920): jsonnet: pin commits [#2144](https://github.com/openshift/cluster-monitoring-operator/pull/2144) * [OCPBUGS-22842](https://issues.redhat.com/browse/OCPBUGS-22842): [release-4.13] add RHACS telemetry metrics [#2139](https://github.com/openshift/cluster-monitoring-operator/pull/2139) * [OCPBUGS-22308](https://issues.redhat.com/browse/OCPBUGS-22308): fix: force HTTP/1.1 connections [#2134](https://github.com/openshift/cluster-monitoring-operator/pull/2134) * [OCPBUGS-21250](https://issues.redhat.com/browse/OCPBUGS-21250): upgrade golang.org/x/net to v0.17.0 [#2122](https://github.com/openshift/cluster-monitoring-operator/pull/2122) * [OCPBUGS-22099](https://issues.redhat.com/browse/OCPBUGS-22099): Extend remote write test timeout [#2127](https://github.com/openshift/cluster-monitoring-operator/pull/2127) * [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/547c850b30e2183f8a6c9842c82ce672ba72cc76...3aa76870066af1d0266ab39201856ba711fd08d7) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/df5cf2735b29eb5ca630ec89579ab2bb7a7425b2) * [OCPBUGS-43856](https://issues.redhat.com/browse/OCPBUGS-43856): manifests/02-cncc-credentials: Set skipServiceCheck for GCP [#2547](https://github.com/openshift/cluster-network-operator/pull/2547) * [OCPBUGS-38403](https://issues.redhat.com/browse/OCPBUGS-38403): Add missing runbook for OVNKubernetesNorthdInactive [#2471](https://github.com/openshift/cluster-network-operator/pull/2471) * [OCPBUGS-37941](https://issues.redhat.com/browse/OCPBUGS-37941): update whereabouts crd [#2458](https://github.com/openshift/cluster-network-operator/pull/2458) * [OCPBUGS-30150](https://issues.redhat.com/browse/OCPBUGS-30150): ipsec: fix openssl typo [#2290](https://github.com/openshift/cluster-network-operator/pull/2290) * [OCPBUGS-29674](https://issues.redhat.com/browse/OCPBUGS-29674): add env var in whereabouts-reconciler daemonset [#2279](https://github.com/openshift/cluster-network-operator/pull/2279) * [OCPBUGS-29301](https://issues.redhat.com/browse/OCPBUGS-29301): Update ingressconfig_controller to use field Manager [#2267](https://github.com/openshift/cluster-network-operator/pull/2267) * [OCPBUGS-28208](https://issues.redhat.com/browse/OCPBUGS-28208): ipsec: fix oopsy from 2e3fc8e (cherry-pick of 980c08318e) [#2222](https://github.com/openshift/cluster-network-operator/pull/2222) * [OCPBUGS-28777](https://issues.redhat.com/browse/OCPBUGS-28777): fix whereabouts conformance test failures [#2241](https://github.com/openshift/cluster-network-operator/pull/2241) * [OCPBUGS-27958](https://issues.redhat.com/browse/OCPBUGS-27958): Add ConfigMap mount to the whereabouts-reconciler DaemonSet [#2220](https://github.com/openshift/cluster-network-operator/pull/2220) * NO-JIRA: add kyrtapz as reviewer and approver for release 4.13 [#2229](https://github.com/openshift/cluster-network-operator/pull/2229) * [OCPBUGS-22293](https://issues.redhat.com/browse/OCPBUGS-22293): remove all managed fields used by old manager [#2094](https://github.com/openshift/cluster-network-operator/pull/2094) * [OCPBUGS-24570](https://issues.redhat.com/browse/OCPBUGS-24570): Disable weak SSH cipher suitesRm weak ciphers 4.13 [#2163](https://github.com/openshift/cluster-network-operator/pull/2163) * [OCPBUGS-21716](https://issues.redhat.com/browse/OCPBUGS-21716): Bump golang.org/x/net and github.com/openshift/library-go [#2123](https://github.com/openshift/cluster-network-operator/pull/2123) * [OCPBUGS-22896](https://issues.redhat.com/browse/OCPBUGS-22896): run update-codegen after adding maxLogFiles cfg [#2162](https://github.com/openshift/cluster-network-operator/pull/2162) * [OCPBUGS-22971](https://issues.redhat.com/browse/OCPBUGS-22971): HyperShift: Use the local konnectivity proxy when checking proxy readiness [#2098](https://github.com/openshift/cluster-network-operator/pull/2098) * [OCPBUGS-22896](https://issues.redhat.com/browse/OCPBUGS-22896): Remove oldest ovn acl log files when file limit exceeded [#2097](https://github.com/openshift/cluster-network-operator/pull/2097) * [SDN-4184](https://issues.redhat.com/browse/SDN-4184): Limit OVN-Kubernetes RBAC permissions [#2093](https://github.com/openshift/cluster-network-operator/pull/2093) * [OCPBUGS-20278](https://issues.redhat.com/browse/OCPBUGS-20278): Edited multus-admission-controller deployment config to not add autoount a service account token [#1885](https://github.com/openshift/cluster-network-operator/pull/1885) * [OCPBUGS-19894](https://issues.redhat.com/browse/OCPBUGS-19894): remove prestop hooks for northd, sbdbd and nbdb [#2001](https://github.com/openshift/cluster-network-operator/pull/2001) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/777eb7b410863537b87be8266533d4bdca15ada6...df5cf2735b29eb5ca630ec89579ab2bb7a7425b2) ### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/978a6c56e163f119f757d7116fa99d6b05f7d7f5) * E2E: workload hints: compare existing profile with changes being made to avoid mcp getting stuck (#1069) [#1069](https://github.com/openshift/cluster-node-tuning-operator/pull/1069) * [OCPBUGS-33030](https://issues.redhat.com/browse/OCPBUGS-33030): [release-4.13][manual]Reduce number of reboots in offline tests (#1048) [#1048](https://github.com/openshift/cluster-node-tuning-operator/pull/1048) * Scheduler plugin: ignore IRQs (#1027) [#1027](https://github.com/openshift/cluster-node-tuning-operator/pull/1027) * irqbalance: set banned cpus list to 0 (#1003) [#1003](https://github.com/openshift/cluster-node-tuning-operator/pull/1003) * [OCPBUGS-24353](https://issues.redhat.com/browse/OCPBUGS-24353): rps: cherry-picks of rps fixes (#865) [#865](https://github.com/openshift/cluster-node-tuning-operator/pull/865) * Disable HTTP/2 for webhook and metrics servers (#846) [#846](https://github.com/openshift/cluster-node-tuning-operator/pull/846) * Remove obsolete protocols and weak ciphers (#843) [#843](https://github.com/openshift/cluster-node-tuning-operator/pull/843) * [OCPBUGS-18493](https://issues.redhat.com/browse/OCPBUGS-18493): e2e: deflake IRQ load-balancing (#782) [#782](https://github.com/openshift/cluster-node-tuning-operator/pull/782) * Use RHEL9 as a base (#829) [#829](https://github.com/openshift/cluster-node-tuning-operator/pull/829) * [OCPBUGS-17943](https://issues.redhat.com/browse/OCPBUGS-17943): Add rtentsk plugin to pp tuned profile Signed-off-by: Brent Rowsell <browsell@redhat.com> (#796) [#796](https://github.com/openshift/cluster-node-tuning-operator/pull/796) * nto: avoid timeout when there are too many CSV (#818) [#818](https://github.com/openshift/cluster-node-tuning-operator/pull/818) * [OCPBUGS-19459](https://issues.redhat.com/browse/OCPBUGS-19459): check for object being nil (#820) [#820](https://github.com/openshift/cluster-node-tuning-operator/pull/820) * [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/c09108fb4c7dfedf5c17c939df0d010170b31ee2...978a6c56e163f119f757d7116fa99d6b05f7d7f5) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/9abb220ac11f370f323f2c248d3ee377394c88b8) * : OCPBUGS-20707: bump library-go to include switch to HTTP/1.1 [#555](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/555) * [OCPBUGS-22210](https://issues.redhat.com/browse/OCPBUGS-22210): increase timeout for probes [#553](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/553) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/ea4f097def493950e6e65068284084935b8ce4d9...9abb220ac11f370f323f2c248d3ee377394c88b8) ### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/6e7e7835519d30ea22e4c4954039bab21de19c80) * [OCPBUGS-38455](https://issues.redhat.com/browse/OCPBUGS-38455): Update opentelemetry to mitigate CVE [#365](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/365) * [OCPBUGS-20796](https://issues.redhat.com/browse/OCPBUGS-20796): bump(k8s,openshift) to address CVE-2023-44487 [#310](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/310) * [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/9a8aba8cad6491a31e743a7e366d758351482d88...6e7e7835519d30ea22e4c4954039bab21de19c80) ### [cluster-platform-operators-manager](https://github.com/openshift/platform-operators/tree/312c5f24b5711a764350de899b83443a87296983) * [OCPBUGS-20998](https://issues.redhat.com/browse/OCPBUGS-20998): [release-4.13] Bump golang.org/x/net to v0.17.0 [#97](https://github.com/openshift/platform-operators/pull/97) * [Full changelog](https://github.com/openshift/platform-operators/compare/471a80685581ff95fec3bee818f6ee409836eb8e...312c5f24b5711a764350de899b83443a87296983) ### [cluster-policy-controller](https://github.com/openshift/cluster-policy-controller/tree/3b0d075530fdbfdacdfe574151a3313f5231459c) * [OCPBUGS-21103](https://issues.redhat.com/browse/OCPBUGS-21103): Bump deps to address CVE-2023-44487 [4.13] [#135](https://github.com/openshift/cluster-policy-controller/pull/135) * [Full changelog](https://github.com/openshift/cluster-policy-controller/compare/8d2af85d0b6dcf09256bd9fecc5d36ac77bc41d1...3b0d075530fdbfdacdfe574151a3313f5231459c) ### [cluster-samples-operator](https://github.com/openshift/cluster-samples-operator/tree/684a85301940220d69d0c857d82f7d60c855045b) * [OCPBUGS-21198](https://issues.redhat.com/browse/OCPBUGS-21198): update k8s.io/apiserver version [#589](https://github.com/openshift/cluster-samples-operator/pull/589) * [OCPBUGS-22390](https://issues.redhat.com/browse/OCPBUGS-22390): Sync library to remove invalid dockerhub references for OKD [#521](https://github.com/openshift/cluster-samples-operator/pull/521) * [Full changelog](https://github.com/openshift/cluster-samples-operator/compare/f785bad1227439dfdb627538b3f7ecd0eb28f33c...684a85301940220d69d0c857d82f7d60c855045b) ### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/b38c26ae676c9e775f901a04c072848fd8726b90) * [OCPBUGS-33468](https://issues.redhat.com/browse/OCPBUGS-33468): Fix problem-detector proxy setting [#473](https://github.com/openshift/cluster-storage-operator/pull/473) * [OCPBUGS-21284](https://issues.redhat.com/browse/OCPBUGS-21284): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#406](https://github.com/openshift/cluster-storage-operator/pull/406) * [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/6769015121cc5212b13995e1317aea8e22ebda55...b38c26ae676c9e775f901a04c072848fd8726b90) ### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/6314bbbe6267585ca299f782569a623f13dd3664) * [OCPBUGS-43886](https://issues.redhat.com/browse/OCPBUGS-43886): keys: Update Red Hat keys to use SHA256 signatures [#67](https://github.com/openshift/cluster-update-keys/pull/67) * [Full changelog](https://github.com/openshift/cluster-update-keys/compare/5b725937d51e9f089c3f99e27e4ee77a6d2cbbcd...6314bbbe6267585ca299f782569a623f13dd3664) ### [cluster-version-operator](https://github.com/openshift/cluster-version-operator/tree/24517b23286b636f50390f9167b41b84da8514cf) * [OCPBUGS-27049](https://issues.redhat.com/browse/OCPBUGS-27049): pkg/cvo/availableupdates: Only bump LastAttempt on Cincinnati pulls [#1019](https://github.com/openshift/cluster-version-operator/pull/1019) * [OCPBUGS-20744](https://issues.redhat.com/browse/OCPBUGS-20744): [4.13] Bump http-related deps [#989](https://github.com/openshift/cluster-version-operator/pull/989) * [OCPBUGS-19472](https://issues.redhat.com/browse/OCPBUGS-19472): Reconcile Volumes in SCCs and flag Upgradeable=False when detecting modified SCC [#969](https://github.com/openshift/cluster-version-operator/pull/969) * [OCPBUGS-20321](https://issues.redhat.com/browse/OCPBUGS-20321): pkg/cvo/sync_worker: Always enable the DeploymentConfig capability [#981](https://github.com/openshift/cluster-version-operator/pull/981) * [OCPBUGS-19828](https://issues.redhat.com/browse/OCPBUGS-19828): pkg/clusterconditions/promql: Warm cache with 1s delay [#974](https://github.com/openshift/cluster-version-operator/pull/974) * [OCPBUGS-20263](https://issues.redhat.com/browse/OCPBUGS-20263): pkg/clusterconditions/cache: Avoid panic on all-fresh-cache evaluation [#980](https://github.com/openshift/cluster-version-operator/pull/980) * [Full changelog](https://github.com/openshift/cluster-version-operator/compare/2ba8f8d7bc59f596db65d47e80ef8765ae340c34...24517b23286b636f50390f9167b41b84da8514cf) ### [console](https://github.com/openshift/console/tree/68accd9324cebecef6d977f8bfbca20b64595372) * [OCPBUGS-44585](https://issues.redhat.com/browse/OCPBUGS-44585): Need to allow blank for Project/namespace when setting SA Subject in 'Project access tab' [#14497](https://github.com/openshift/console/pull/14497) * [OCPBUGS-36557](https://issues.redhat.com/browse/OCPBUGS-36557): Increase login flow state paramater length/entropy [#14483](https://github.com/openshift/console/pull/14483) * [OCPBUGS-42951](https://issues.redhat.com/browse/OCPBUGS-42951): The filepath including leading slash makes error during parsing devfile using Gitlab [#14383](https://github.com/openshift/console/pull/14383) * [OCPBUGS-41594](https://issues.redhat.com/browse/OCPBUGS-41594): Redirects to new PipelineRun logs URL from old PipelineRun logs URL [#14263](https://github.com/openshift/console/pull/14263) * [OCPBUGS-35259](https://issues.redhat.com/browse/OCPBUGS-35259): fix vCenter cluster being empty [#13952](https://github.com/openshift/console/pull/13952) * [OCPBUGS-32147](https://issues.redhat.com/browse/OCPBUGS-32147): Bump graphql-go to v1.3.0 [#13922](https://github.com/openshift/console/pull/13922) * [OCPBUGS-33978](https://issues.redhat.com/browse/OCPBUGS-33978): Helm Plugin's Catalog incorrectly renders a single index entry into multiple tiles [#13872](https://github.com/openshift/console/pull/13872) * [OCPBUGS-34342](https://issues.redhat.com/browse/OCPBUGS-34342): Fix PipelineRun Logs tab navigation [#13890](https://github.com/openshift/console/pull/13890) * [OCPBUGS-24395](https://issues.redhat.com/browse/OCPBUGS-24395): Extra space is in the translation text(Chinese) of 'Create rolebinding' and 'replicate rolebinding' [#13405](https://github.com/openshift/console/pull/13405) * [OCPBUGS-33777](https://issues.redhat.com/browse/OCPBUGS-33777): restrict Masthead logo to max-height to 60px [#13860](https://github.com/openshift/console/pull/13860) * [OCPBUGS-33749](https://issues.redhat.com/browse/OCPBUGS-33749): Add visual connector between VMs and non VMs workloads [#13857](https://github.com/openshift/console/pull/13857) * [OCPBUGS-33382](https://issues.redhat.com/browse/OCPBUGS-33382): Routes created by devfiles do not always use HTTPS [#13827](https://github.com/openshift/console/pull/13827) * [OCPBUGS-33650](https://issues.redhat.com/browse/OCPBUGS-33650): fix issues with Edit Route form [#13851](https://github.com/openshift/console/pull/13851) * [OCPBUGS-32500](https://issues.redhat.com/browse/OCPBUGS-32500): PipelineRuns in Console show wrong status or load indefinitely [#13780](https://github.com/openshift/console/pull/13780) * [OCPBUGS-31077](https://issues.redhat.com/browse/OCPBUGS-31077): Pipeline Name gets changed to "new-pipeline" on the Edit Pipeline YAML/Builder [#13683](https://github.com/openshift/console/pull/13683) * [OCPBUGS-31595](https://issues.redhat.com/browse/OCPBUGS-31595): Fix operands list endpoint. [#13714](https://github.com/openshift/console/pull/13714) * [OCPBUGS-29063](https://issues.redhat.com/browse/OCPBUGS-29063): add additional check to determine if file is binary [#13579](https://github.com/openshift/console/pull/13579) * [OCPBUGS-28788](https://issues.redhat.com/browse/OCPBUGS-28788): Copy response code from proxied plugin requests [#13561](https://github.com/openshift/console/pull/13561) * [OCPBUGS-29243](https://issues.redhat.com/browse/OCPBUGS-29243): Add a new allowInsecure option to the internet proxy [#13593](https://github.com/openshift/console/pull/13593) * [OCPBUGS-27406](https://issues.redhat.com/browse/OCPBUGS-27406): Add Pipeline metrics tab using plugin [#13525](https://github.com/openshift/console/pull/13525) * [OCPBUGS-23483](https://issues.redhat.com/browse/OCPBUGS-23483): add access to create, edit and delete silences for developer user from developer perspective [#13349](https://github.com/openshift/console/pull/13349) * [OCPBUGS-25427](https://issues.redhat.com/browse/OCPBUGS-25427): Fix plugin proxy handler [#13449](https://github.com/openshift/console/pull/13449) * [OCPBUGS-25465](https://issues.redhat.com/browse/OCPBUGS-25465): fix runtime error on Node details Overview when Machin… [#13452](https://github.com/openshift/console/pull/13452) * [OCPBUGS-25146](https://issues.redhat.com/browse/OCPBUGS-25146): add access review for impersonate [#13437](https://github.com/openshift/console/pull/13437) * [OCPBUGS-24591](https://issues.redhat.com/browse/OCPBUGS-24591): ConsolePlugin metrics must no longer be grouped by the vendor [#13424](https://github.com/openshift/console/pull/13424) * [OCPBUGS-22241](https://issues.redhat.com/browse/OCPBUGS-22241): Save also the location.search and .hash values in localStorage to restore them after login [#13271](https://github.com/openshift/console/pull/13271) * [OCPBUGS-24240](https://issues.redhat.com/browse/OCPBUGS-24240): Subsequent PipelineRuns take initial PipelineRun name into account [#13385](https://github.com/openshift/console/pull/13385) * [OCPBUGS-23497](https://issues.redhat.com/browse/OCPBUGS-23497): Cannot Edit Shipwright Build [#13352](https://github.com/openshift/console/pull/13352) * [OCPBUGS-11316](https://issues.redhat.com/browse/OCPBUGS-11316): Fix description for BuildAdapter SDK extension [#12703](https://github.com/openshift/console/pull/12703) * [OCPBUGS-22986](https://issues.redhat.com/browse/OCPBUGS-22986): Correct logout process [#13310](https://github.com/openshift/console/pull/13310) * [OCPBUGS-23065](https://issues.redhat.com/browse/OCPBUGS-23065): remove expandable toggle for conditional update risk d… [#13316](https://github.com/openshift/console/pull/13316) * [OCPBUGS-22784](https://issues.redhat.com/browse/OCPBUGS-22784): add support for new features annotations while preservi… [#13299](https://github.com/openshift/console/pull/13299) * [OCPBUGS-19532](https://issues.redhat.com/browse/OCPBUGS-19532): use active namespace in Create cta href of create action for operator backed [#13179](https://github.com/openshift/console/pull/13179) * [OCPBUGS-18271](https://issues.redhat.com/browse/OCPBUGS-18271): update the KnativeServing API version to v1beta1 for global-config extension [#13112](https://github.com/openshift/console/pull/13112) * [OCPBUGS-20232](https://issues.redhat.com/browse/OCPBUGS-20232): show all the legends for Pipeline metrics in PipelineRun TaskRun Duration chart [#13224](https://github.com/openshift/console/pull/13224) * [OCPBUGS-20231](https://issues.redhat.com/browse/OCPBUGS-20231): fetch TaskRuns without selector and reduces the get TaskRuns requests [#13223](https://github.com/openshift/console/pull/13223) * [OCPBUGS-20330](https://issues.redhat.com/browse/OCPBUGS-20330): Check if filtered object contains name property [#13227](https://github.com/openshift/console/pull/13227) * [OCPBUGS-13285](https://issues.redhat.com/browse/OCPBUGS-13285): add multipath device type to LocalVolumeSet [#12804](https://github.com/openshift/console/pull/12804) * [OCPBUGS-17481](https://issues.redhat.com/browse/OCPBUGS-17481): Fix that "Delete application" doesn't work in topology when Pipelines operator is not installed [#13083](https://github.com/openshift/console/pull/13083) * [Full changelog](https://github.com/openshift/console/compare/317522e9d541a091abdec9cf060c034d8d2b8ed3...68accd9324cebecef6d977f8bfbca20b64595372) ### [console-operator](https://github.com/openshift/console-operator/tree/cb4657d2d8cc94b611bc9b1f4260f2776c30c0f0) * [OCPBUGS-18674](https://issues.redhat.com/browse/OCPBUGS-18674): Reset console operator's conditions [#894](https://github.com/openshift/console-operator/pull/894) * [OCPBUGS-30599](https://issues.redhat.com/browse/OCPBUGS-30599): Disable HTTP/2 for webhook [#875](https://github.com/openshift/console-operator/pull/875) * [OCPBUGS-21008](https://issues.redhat.com/browse/OCPBUGS-21008): [release-4.13] Bump library-go and golang.org/x/net [#866](https://github.com/openshift/console-operator/pull/866) * [OCPBUGS-6208](https://issues.redhat.com/browse/OCPBUGS-6208): Updating openshift-enterprise-console-operator images to be consistent with ART [#872](https://github.com/openshift/console-operator/pull/872) * [OCPBUGS-24591](https://issues.redhat.com/browse/OCPBUGS-24591): ConsolePlugin metrics must no longer be grouped by the vendor [#821](https://github.com/openshift/console-operator/pull/821) * [OCPBUGS-22333](https://issues.redhat.com/browse/OCPBUGS-22333): Make enabled plugins unique [#805](https://github.com/openshift/console-operator/pull/805) * [Full changelog](https://github.com/openshift/console-operator/compare/dd6939f9a9bf2e3a800ba10a78b4e309f2a0a3c3...cb4657d2d8cc94b611bc9b1f4260f2776c30c0f0) ### [container-networking-plugins](https://github.com/openshift/containernetworking-plugins/tree/614ca3c35e1847f38f0f427c04a064cd31ac5002) * [OCPBUGS-20594](https://issues.redhat.com/browse/OCPBUGS-20594): build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.13] [#130](https://github.com/openshift/containernetworking-plugins/pull/130) * [Full changelog](https://github.com/openshift/containernetworking-plugins/compare/dbf24deae8df2b7ccc4c468fddcbb4a19214afa5...614ca3c35e1847f38f0f427c04a064cd31ac5002) ### [coredns](https://github.com/openshift/coredns/tree/e70f09779b20b28f85884c7b665f72f28694db00) * [OCPBUGS-38431](https://issues.redhat.com/browse/OCPBUGS-38431): UPSTREAM: 6354: openshift: key cache on Checking Disabled (CD) bit [#129](https://github.com/openshift/coredns/pull/129) * [OCPBUGS-28205](https://issues.redhat.com/browse/OCPBUGS-28205): UPSTREAM: 6277: openshift: Fix OCPBUGS-28205 [#113](https://github.com/openshift/coredns/pull/113) * [OCPBUGS-21046](https://issues.redhat.com/browse/OCPBUGS-21046): UPSTREAM: <carry>: openshift: Address CVE-2023-39325 [#102](https://github.com/openshift/coredns/pull/102) * [OCPBUGS-19985](https://issues.redhat.com/browse/OCPBUGS-19985): UPSTREAM: <carry>: openshift: Fix OCPBUGS-19985 [#97](https://github.com/openshift/coredns/pull/97) * [Full changelog](https://github.com/openshift/coredns/compare/5560e4ad8c343c211f0b2f9d85ce7331b20b87cb...e70f09779b20b28f85884c7b665f72f28694db00) ### [csi-driver-manila, openstack-cinder-csi-driver, openstack-cloud-controller-manager](https://github.com/openshift/cloud-provider-openstack/tree/c3b7d2f5d7b6be7353edffd811fcd55e8bf0af32) * Switch to a new CI [#2444](https://github.com/openshift/cloud-provider-openstack/pull/2444) * [Full changelog](https://github.com/openshift/cloud-provider-openstack/compare/c59255a34811a412bb9c7af4d176d8cdebf04367...c3b7d2f5d7b6be7353edffd811fcd55e8bf0af32) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/596a53c8fb79eddf85bad8deb504536adf228128) * [OCPBUGS-26224](https://issues.redhat.com/browse/OCPBUGS-26224): Fix selector for manila-csi-driver-controller-metrics service [#224](https://github.com/openshift/csi-driver-manila-operator/pull/224) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/b1295cd1a5978faa503c199d59d129e3ecfe2aeb...596a53c8fb79eddf85bad8deb504536adf228128) ### [csi-driver-shared-resource, csi-driver-shared-resource-webhook](https://github.com/openshift/csi-driver-shared-resource/tree/01bbb23b627835354f6177b4b44cfc50bd6d9a2e) * [OCPBUGS-28953](https://issues.redhat.com/browse/OCPBUGS-28953): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#168](https://github.com/openshift/csi-driver-shared-resource/pull/168) * [OCPBUGS-23116](https://issues.redhat.com/browse/OCPBUGS-23116): Should reference configmaps instead of secrets [#153](https://github.com/openshift/csi-driver-shared-resource/pull/153) * [OCPBUGS-20719](https://issues.redhat.com/browse/OCPBUGS-20719): bump golang.org/x/net to v0.17.0 [#147](https://github.com/openshift/csi-driver-shared-resource/pull/147) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource/compare/f797d453f112aab86f3b7705c00ea871c2351d4a...01bbb23b627835354f6177b4b44cfc50bd6d9a2e) ### [csi-driver-shared-resource-operator](https://github.com/openshift/csi-driver-shared-resource-operator/tree/bc169d2d8d1cd128770d2202c6cc00e5328e4e73) * [OCPBUGS-28958](https://issues.redhat.com/browse/OCPBUGS-28958): Replace 'coreydaley' with 'sayan-biswas' in OWNERS file [#104](https://github.com/openshift/csi-driver-shared-resource-operator/pull/104) * [OCPBUGS-20806](https://issues.redhat.com/browse/OCPBUGS-20806): bump golang.org/x/net to v0.17.0 [#87](https://github.com/openshift/csi-driver-shared-resource-operator/pull/87) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource-operator/compare/318c84a5cd3ffa9d92d7e7bf6c8dc4008dc132cf...bc169d2d8d1cd128770d2202c6cc00e5328e4e73) ### [csi-external-attacher](https://github.com/openshift/csi-external-attacher/tree/d92908438817984fc47558fdaa03805d8c3b256c) * [OCPBUGS-21161](https://issues.redhat.com/browse/OCPBUGS-21161): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#61](https://github.com/openshift/csi-external-attacher/pull/61) * [Full changelog](https://github.com/openshift/csi-external-attacher/compare/e9d59a2d66491d60d43488e05af7b4b673c722fd...d92908438817984fc47558fdaa03805d8c3b256c) ### [csi-external-provisioner](https://github.com/openshift/csi-external-provisioner/tree/0bf126b77a721ddaa4706fcb41f8b7be8d292492) * [OCPBUGS-20759](https://issues.redhat.com/browse/OCPBUGS-20759): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#73](https://github.com/openshift/csi-external-provisioner/pull/73) * [Full changelog](https://github.com/openshift/csi-external-provisioner/compare/f1fa8099e31e57452b7cf6f2e1ca288ae21ce78f...0bf126b77a721ddaa4706fcb41f8b7be8d292492) ### [csi-external-resizer](https://github.com/openshift/csi-external-resizer/tree/e8036caff2482648a18c1ac776cf9d2474569d10) * [OCPBUGS-20908](https://issues.redhat.com/browse/OCPBUGS-20908): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#148](https://github.com/openshift/csi-external-resizer/pull/148) * [Full changelog](https://github.com/openshift/csi-external-resizer/compare/974ac363a4f95b810ebb6f09ba26dedf1c8b8a4a...e8036caff2482648a18c1ac776cf9d2474569d10) ### [csi-external-snapshotter, csi-snapshot-controller, csi-snapshot-validation-webhook](https://github.com/openshift/csi-external-snapshotter/tree/c8a7a097f68b37ad06a87a4b5c480daeab45be85) * [OCPBUGS-29728](https://issues.redhat.com/browse/OCPBUGS-29728): cherry-pick:release-4.13: OCPBUGS-29244 Update VolumeSnapshot and VolumeSnapshotContent using JSON patch [#141](https://github.com/openshift/csi-external-snapshotter/pull/141) * [OCPBUGS-21011](https://issues.redhat.com/browse/OCPBUGS-21011): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#110](https://github.com/openshift/csi-external-snapshotter/pull/110) * [Full changelog](https://github.com/openshift/csi-external-snapshotter/compare/3f52ee74753f7823f102c239d0750784b64b6398...c8a7a097f68b37ad06a87a4b5c480daeab45be85) ### [csi-livenessprobe](https://github.com/openshift/csi-livenessprobe/tree/3587db51b8a672a2d3be2ac48ea107e474f33402) * [OCPBUGS-20636](https://issues.redhat.com/browse/OCPBUGS-20636): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#51](https://github.com/openshift/csi-livenessprobe/pull/51) * [Full changelog](https://github.com/openshift/csi-livenessprobe/compare/a888237c9ab43eab0ca992f0b18eff114ea4ade1...3587db51b8a672a2d3be2ac48ea107e474f33402) ### [csi-node-driver-registrar](https://github.com/openshift/csi-node-driver-registrar/tree/9ea90f34485500a525fcaad3d79ee82a41402d47) * [OCPBUGS-20686](https://issues.redhat.com/browse/OCPBUGS-20686): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#53](https://github.com/openshift/csi-node-driver-registrar/pull/53) * [Full changelog](https://github.com/openshift/csi-node-driver-registrar/compare/5f13d5e6f5b06a99995e0697d83bbdb36efceb46...9ea90f34485500a525fcaad3d79ee82a41402d47) ### [docker-builder](https://github.com/openshift/builder/tree/2ec296b735a1dcb21e2ff098cda6ef1936a15b58) * Replace 'coreydaley' with 'sayan-biswas' [#407](https://github.com/openshift/builder/pull/407) * [BUILD-854](https://issues.redhat.com/browse/BUILD-854): Add adambkaplan as approver [#405](https://github.com/openshift/builder/pull/405) * [OCPBUGS-22468](https://issues.redhat.com/browse/OCPBUGS-22468): [release-4.13] Bump github.com/sigstore/rekor [#374](https://github.com/openshift/builder/pull/374) * [OCPBUGS-23021](https://issues.redhat.com/browse/OCPBUGS-23021): Add -p flag to cp command to preserve timestamps [#371](https://github.com/openshift/builder/pull/371) * [OCPBUGS-20709](https://issues.redhat.com/browse/OCPBUGS-20709): [release-4.13] Bump golang.org/x/net [#363](https://github.com/openshift/builder/pull/363) * [Full changelog](https://github.com/openshift/builder/compare/1fec8a28a78b81aabc2bcbe8ac4843c8b7938230...2ec296b735a1dcb21e2ff098cda6ef1936a15b58) ### [egress-router-cni](https://github.com/openshift/egress-router-cni/tree/dfe03737f1562e81aa09101e4a48f039245bd339) * [OCPBUGS-11648](https://issues.redhat.com/browse/OCPBUGS-11648): update go-yaml to v2.4.0 [#68](https://github.com/openshift/egress-router-cni/pull/68) * [Full changelog](https://github.com/openshift/egress-router-cni/compare/756e38455b8e08a34510e188673c77503dca3ff1...dfe03737f1562e81aa09101e4a48f039245bd339) ### [etcd](https://github.com/openshift/etcd/tree/a6b7ad436ea8139436c6e9a456fdacd09ec7f054) * [OCPBUGS-32920](https://issues.redhat.com/browse/OCPBUGS-32920): Revert "Merge pull request #262 from Elbehery/rebase-etcd-3.5.13-open… [#266](https://github.com/openshift/etcd/pull/266) * [OCPBUGS-31653](https://issues.redhat.com/browse/OCPBUGS-31653): Rebase etcd 3.5.13 openshift 4.13 [#262](https://github.com/openshift/etcd/pull/262) * [ETCD-537](https://issues.redhat.com/browse/ETCD-537): Revert "bump build root go1.20" [#263](https://github.com/openshift/etcd/pull/263) * [OCPBUGS-28734](https://issues.redhat.com/browse/OCPBUGS-28734): Rebase etcd 3.5.12 openshift 4.13 [#245](https://github.com/openshift/etcd/pull/245) * [ETCD-537](https://issues.redhat.com/browse/ETCD-537): bump build root go1.20 [#252](https://github.com/openshift/etcd/pull/252) * [OCPBUGS-26925](https://issues.redhat.com/browse/OCPBUGS-26925): Rebase etcd 3.5.11 openshift 4.13 [#239](https://github.com/openshift/etcd/pull/239) * [OCPBUGS-22697](https://issues.redhat.com/browse/OCPBUGS-22697): [4.13] Carrying fixes for CVE-2023-44487 [#225](https://github.com/openshift/etcd/pull/225) * [Full changelog](https://github.com/openshift/etcd/compare/7efbc019a20e4c025d482749d49d0d72892dbfe1...a6b7ad436ea8139436c6e9a456fdacd09ec7f054) ### [gcp-cloud-controller-manager](https://github.com/openshift/cloud-provider-gcp/tree/507fea9800dc63da95ce551d2fb03219d0b0597a) * [OCPBUGS-21303](https://issues.redhat.com/browse/OCPBUGS-21303): Bump golang.org/x/net to v0.18.0 [#43](https://github.com/openshift/cloud-provider-gcp/pull/43) * [Full changelog](https://github.com/openshift/cloud-provider-gcp/compare/efaf4dc692072338d472f086c9f691c71f4a028d...507fea9800dc63da95ce551d2fb03219d0b0597a) ### [gcp-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-gcp/tree/b8a2772574aacf16a998ff7c7ba24000eff60d07) * [OCPBUGS-21398](https://issues.redhat.com/browse/OCPBUGS-21398): Bump golang.org/x/net to v0.17.0 [#204](https://github.com/openshift/cluster-api-provider-gcp/pull/204) * [Full changelog](https://github.com/openshift/cluster-api-provider-gcp/compare/eaeccca9082e1c02ad3422ff49e69cc595bd2ec6...b8a2772574aacf16a998ff7c7ba24000eff60d07) ### [gcp-machine-controllers](https://github.com/openshift/machine-api-provider-gcp/tree/e53a397d838137a37895fe668cba4857a82e7da2) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality. [#74](https://github.com/openshift/machine-api-provider-gcp/pull/74) * [OCPBUGS-20851](https://issues.redhat.com/browse/OCPBUGS-20851): Bump x/net package to v0.18.0 [#68](https://github.com/openshift/machine-api-provider-gcp/pull/68) * [Full changelog](https://github.com/openshift/machine-api-provider-gcp/compare/38ddff06b72b364d1c994582d7ae3f119ef5d1a8...e53a397d838137a37895fe668cba4857a82e7da2) ### [gcp-pd-csi-driver](https://github.com/openshift/gcp-pd-csi-driver/tree/81e6074605854246cdab8425a7289ad83169571a) * [OCPBUGS-20735](https://issues.redhat.com/browse/OCPBUGS-20735): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#46](https://github.com/openshift/gcp-pd-csi-driver/pull/46) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver/compare/c30195c5c3148bf6e00795b49a79954e6d920130...81e6074605854246cdab8425a7289ad83169571a) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/08c561b8292b4a5de3d5bc553a3e463b1f93ec0c) * [OCPBUGS-20827](https://issues.redhat.com/browse/OCPBUGS-20827): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#88](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/88) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/6534fed3d667750a54fb6750bffc09bee61832e8...08c561b8292b4a5de3d5bc553a3e463b1f93ec0c) ### [haproxy-router](https://github.com/openshift/router/tree/8b39926371f49a623ad814851533ab4d87f3af1a) * [OCPBUGS-43095](https://issues.redhat.com/browse/OCPBUGS-43095): add duplicate_te_header_total metric [#626](https://github.com/openshift/router/pull/626) * [OCPBUGS-34673](https://issues.redhat.com/browse/OCPBUGS-34673): Properly handle rewrite-target annotation [#608](https://github.com/openshift/router/pull/608) * [OCPBUGS-33911](https://issues.redhat.com/browse/OCPBUGS-33911): Reject routes with MD5 certs [#600](https://github.com/openshift/router/pull/600) * [OCPBUGS-33448](https://issues.redhat.com/browse/OCPBUGS-33448): Count active services before setting weight to 1 [#594](https://github.com/openshift/router/pull/594) * [OCPBUGS-33280](https://issues.redhat.com/browse/OCPBUGS-33280): Route 'haproxy.router.openshift.io/timeout' value is not validated [#591](https://github.com/openshift/router/pull/591) * [OCPBUGS-21117](https://issues.redhat.com/browse/OCPBUGS-21117): Bump golang.org/x/net to v0.17.0 to address CVE-2023-39325 [#531](https://github.com/openshift/router/pull/531) * [Full changelog](https://github.com/openshift/router/compare/057eae91f82fb3900fc3d18172b5e6e6ad2d59d8...8b39926371f49a623ad814851533ab4d87f3af1a) ### [hyperkube, pod](https://github.com/openshift/kubernetes/tree/53fd427d5826f19785655e0f8c33642009e0a12b) * [OCPBUGS-41678](https://issues.redhat.com/browse/OCPBUGS-41678): mount-utils: treat syscall.ENODEV as corrupted mount [#2083](https://github.com/openshift/kubernetes/pull/2083) * [OCPBUGS-37280](https://issues.redhat.com/browse/OCPBUGS-37280): UPSTREAM: 126104: Add funcs in pkg/filesystem/util that can actually … [#2045](https://github.com/openshift/kubernetes/pull/2045) * [OCPBUGS-28660](https://issues.redhat.com/browse/OCPBUGS-28660): UPSTREAM: <carry>: kubelet/cm: use MkdirAll when creating cpuset to ignore file exists error [#1875](https://github.com/openshift/kubernetes/pull/1875) * UPSTREAM: <drop>: Bump golang.org/x/net to v0.23.0 [#1938](https://github.com/openshift/kubernetes/pull/1938) * [OCPBUGS-31505](https://issues.redhat.com/browse/OCPBUGS-31505): Update to kubernetes 1.26.15 [#1930](https://github.com/openshift/kubernetes/pull/1930) * Address CVE [#14](https://github.com/openshift/kubernetes/pull/14) * [OCPBUGS-29663](https://issues.redhat.com/browse/OCPBUGS-29663): Update to kubernetes 1.26.14 [#1889](https://github.com/openshift/kubernetes/pull/1889) * [OCPBUGS-12210](https://issues.redhat.com/browse/OCPBUGS-12210): Prevent partially filled HPA behaviors from crashing kube-controller-manager [#1876](https://github.com/openshift/kubernetes/pull/1876) * [OCPBUGS-27370](https://issues.redhat.com/browse/OCPBUGS-27370): Update to kubernetes 1.26.13 [#1859](https://github.com/openshift/kubernetes/pull/1859) * [OCPBUGS-25814](https://issues.redhat.com/browse/OCPBUGS-25814): Fix device uncertain errors on reboot - 4.13 [#1831](https://github.com/openshift/kubernetes/pull/1831) * [OCPBUGS-25988](https://issues.redhat.com/browse/OCPBUGS-25988): Update to kubernetes 1.26.12 [#1839](https://github.com/openshift/kubernetes/pull/1839) * [OCPBUGS-25767](https://issues.redhat.com/browse/OCPBUGS-25767): legacy-cloud-providers: prevent index out-of-range in getNextUnitNumber [#1834](https://github.com/openshift/kubernetes/pull/1834) * [OCPBUGS-23521](https://issues.redhat.com/browse/OCPBUGS-23521): UPSTREAM: <carry>: support for both icsp and idms objects [#1798](https://github.com/openshift/kubernetes/pull/1798) * [OCPBUGS-23567](https://issues.redhat.com/browse/OCPBUGS-23567): Update to kubernetes 1.26.11 [#1809](https://github.com/openshift/kubernetes/pull/1809) * [OCPBUGS-18829](https://issues.redhat.com/browse/OCPBUGS-18829): cm: reorder setting of sched_load_balance for sandbox slice [#1696](https://github.com/openshift/kubernetes/pull/1696) * [OCPBUGS-23287](https://issues.redhat.com/browse/OCPBUGS-23287): UPSTREAM: 121881: Use golang library instead of mklink [#1802](https://github.com/openshift/kubernetes/pull/1802) * openshift-hack: Fix sporadic 141 errors in build-rpms [#1773](https://github.com/openshift/kubernetes/pull/1773) * [OCPBUGS-20114](https://issues.redhat.com/browse/OCPBUGS-20114): UPSTREAM: <carry>: Do not allow nodes to set forbidden openshift labels [#1746](https://github.com/openshift/kubernetes/pull/1746) * [OCPBUGS-21063](https://issues.redhat.com/browse/OCPBUGS-21063): [release-4.13] UPSTREAM: 121126: [1.26][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 [#1759](https://github.com/openshift/kubernetes/pull/1759) * [Full changelog](https://github.com/openshift/kubernetes/compare/07c0911cf67a7fb244e0aed4f28e44a92feccb2f...53fd427d5826f19785655e0f8c33642009e0a12b) ### [hypershift](https://github.com/openshift/hypershift/tree/6daddeedbbd201813c51c0b978127884b96e4402) * [OCPBUGS-39184](https://issues.redhat.com/browse/OCPBUGS-39184): fix: bump github.com/IBM/go-sdk-core/v5 [#4627](https://github.com/openshift/hypershift/pull/4627) * [OCPBUGS-41515](https://issues.redhat.com/browse/OCPBUGS-41515): set Konnectivity cipher suites [#4284](https://github.com/openshift/hypershift/pull/4284) * NO-JIRA: hack: make the e2e script generic [#4202](https://github.com/openshift/hypershift/pull/4202) * [HOSTEDCP-1146](https://issues.redhat.com/browse/HOSTEDCP-1146): cpo: use CPO spec container image if it is a sha256 reference [#3296](https://github.com/openshift/hypershift/pull/3296) * [OCPBUGS-22971](https://issues.redhat.com/browse/OCPBUGS-22971): Add konnectivity-proxy container to CNO [#3167](https://github.com/openshift/hypershift/pull/3167) * [OCPBUGS-23455](https://issues.redhat.com/browse/OCPBUGS-23455): Use the same etcd snapshot for all replicas during etcd restore [#3205](https://github.com/openshift/hypershift/pull/3205) * NO-JIRA: Red Hat Trusted App Pipeline purge hypershift-operator-release-413 [#3217](https://github.com/openshift/hypershift/pull/3217) * [Full changelog](https://github.com/openshift/hypershift/compare/2c52769df12895ea389c8e87c6175dc59aedd4d6...6daddeedbbd201813c51c0b978127884b96e4402) ### [ibm-cloud-controller-manager](https://github.com/openshift/cloud-provider-ibm/tree/b5bcaf9caa96561a32ec5e7b79ca41e173ecfe25) * [OCPBUGS-24999](https://issues.redhat.com/browse/OCPBUGS-24999): Add Snyk file to exclude vendor directory on scan [#66](https://github.com/openshift/cloud-provider-ibm/pull/66) * [OCPBUGS-21137](https://issues.redhat.com/browse/OCPBUGS-21137): Bump golang.org/x/net to v0.18.0 [#56](https://github.com/openshift/cloud-provider-ibm/pull/56) * [Full changelog](https://github.com/openshift/cloud-provider-ibm/compare/59edd923386b36f2cad99150b7fd11fb7bbb1688...b5bcaf9caa96561a32ec5e7b79ca41e173ecfe25) ### [ibm-vpc-block-csi-driver](https://github.com/openshift/ibm-vpc-block-csi-driver/tree/54aaeff798c04decfb25cf552be760a90d53f97c) * [OCPBUGS-36064](https://issues.redhat.com/browse/OCPBUGS-36064): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#74](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/74) * [OCPBUGS-18143](https://issues.redhat.com/browse/OCPBUGS-18143): [IBM VPC] failed provisioning volume in proxy cluster [#47](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/47) * [OCPBUGS-21230](https://issues.redhat.com/browse/OCPBUGS-21230): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#51](https://github.com/openshift/ibm-vpc-block-csi-driver/pull/51) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver/compare/42b5c256657da2de184c3e5ec9c619131ed1cd57...54aaeff798c04decfb25cf552be760a90d53f97c) ### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/4c23f8185288d1030913f8d9097d75132ed7d158) * [OCPBUGS-36070](https://issues.redhat.com/browse/OCPBUGS-36070): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#123](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/123) * [OCPBUGS-21319](https://issues.redhat.com/browse/OCPBUGS-21319): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#82](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/82) * [OCPBUGS-18143](https://issues.redhat.com/browse/OCPBUGS-18143): [IBM VPC] failed provisioning volume in proxy cluster [#76](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/76) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/ce92007db2dfd6cd8b9b9c7cfcfaeec801e76097...4c23f8185288d1030913f8d9097d75132ed7d158) ### [ibm-vpc-node-label-updater](https://github.com/openshift/ibm-vpc-node-label-updater/tree/b819827a4e45d01833f874b92ba30ccc39ccd19f) * [OCPBUGS-36010](https://issues.redhat.com/browse/OCPBUGS-36010): CVE-2024-6104: bump github.com/hashicorp/go-retryablehttp to v0.7.7 [#43](https://github.com/openshift/ibm-vpc-node-label-updater/pull/43) * [OCPBUGS-21432](https://issues.redhat.com/browse/OCPBUGS-21432): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#28](https://github.com/openshift/ibm-vpc-node-label-updater/pull/28) * [Full changelog](https://github.com/openshift/ibm-vpc-node-label-updater/compare/96ff048184ce4005bd8a4ae6ef1146ba0fa230ac...b819827a4e45d01833f874b92ba30ccc39ccd19f) ### [ibmcloud-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-ibmcloud/tree/f2694417d53b759212fdb3e0c905f26aae09b838) * [OCPBUGS-36076](https://issues.redhat.com/browse/OCPBUGS-36076): UPSTREAM: <carry>: Fix go-retryablehttp CVE - 4.13 [#90](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/90) * [OCPBUGS-21418](https://issues.redhat.com/browse/OCPBUGS-21418): UPSTREAM: <carry>: bump golang.org/x/net to v0.18.0 [#66](https://github.com/openshift/cluster-api-provider-ibmcloud/pull/66) * [Full changelog](https://github.com/openshift/cluster-api-provider-ibmcloud/compare/d221afa4bee0d722a97f49c0212dfb7954f49b93...f2694417d53b759212fdb3e0c905f26aae09b838) ### [insights-operator](https://github.com/openshift/insights-operator/tree/162554e15ece3653649c9a61567d332a462f079a) * [OCPBUGS-36475](https://issues.redhat.com/browse/OCPBUGS-36475): properly encode the URL for the advisor links (#962) (#965) [#962](https://github.com/openshift/insights-operator/pull/962) * [OCPBUGS-33449](https://issues.redhat.com/browse/OCPBUGS-33449): anonymization - externalIP can be nil (#931) (#933) (#935) [#931](https://github.com/openshift/insights-operator/pull/931) * [OCPBUGS-31991](https://issues.redhat.com/browse/OCPBUGS-31991): bump golang.org/x/net version (#927) [#927](https://github.com/openshift/insights-operator/pull/927) * [OCPBUGS-28157](https://issues.redhat.com/browse/OCPBUGS-28157): Add extra check in ids to bypass validations (#905) [#905](https://github.com/openshift/insights-operator/pull/905) * gather etcd_server_slow metrics (#902) (#909) [#902](https://github.com/openshift/insights-operator/pull/902) * [OCPBUGS-23962](https://issues.redhat.com/browse/OCPBUGS-23962): adds helm information gather (#868) (#883) [#868](https://github.com/openshift/insights-operator/pull/868) * [OCPBUGS-22958](https://issues.redhat.com/browse/OCPBUGS-22958): adds cluster storageclasses gather (#858) (#875) [#858](https://github.com/openshift/insights-operator/pull/858) * [OCPBUGS-22953](https://issues.redhat.com/browse/OCPBUGS-22953): create Prometheus rules programmatically according the… (#860) [#860](https://github.com/openshift/insights-operator/pull/860) * [OCPBUGS-22914](https://issues.redhat.com/browse/OCPBUGS-22914): remove username & password config options (#859) [#859](https://github.com/openshift/insights-operator/pull/859) * [OCPBUGS-20750](https://issues.redhat.com/browse/OCPBUGS-20750): update dependencies (#840) [#840](https://github.com/openshift/insights-operator/pull/840) * Add cherry-pick from 4.14 (#848) [#848](https://github.com/openshift/insights-operator/pull/848) * [Full changelog](https://github.com/openshift/insights-operator/compare/ba18a081c0e2bd04aea1d41ae132e2f5b113bfda...162554e15ece3653649c9a61567d332a462f079a) ### [ironic](https://github.com/openshift/ironic-image/tree/10e188ac2b2e851ea33863ec4446166a65ef71d1) * [OCPBUGS-43952](https://issues.redhat.com/browse/OCPBUGS-43952), [OCPBUGS-43960](https://issues.redhat.com/browse/OCPBUGS-43960): Bump python-waitress [4.13] [#608](https://github.com/openshift/ironic-image/pull/608) * [OCPBUGS-37764](https://issues.redhat.com/browse/OCPBUGS-37764), [OCPBUGS-39384](https://issues.redhat.com/browse/OCPBUGS-39384): Include fixes for CVE-2024-44082 [#585](https://github.com/openshift/ironic-image/pull/585) * [OCPBUGS-38509](https://issues.redhat.com/browse/OCPBUGS-38509): set min version for python3-webob [#557](https://github.com/openshift/ironic-image/pull/557) * [OCPBUGS-33374](https://issues.redhat.com/browse/OCPBUGS-33374): bump werkzeug [#543](https://github.com/openshift/ironic-image/pull/543) * [OCPBUGS-34898](https://issues.redhat.com/browse/OCPBUGS-34898): bump jinja2 [#538](https://github.com/openshift/ironic-image/pull/538) * [OCPBUGS-37116](https://issues.redhat.com/browse/OCPBUGS-37116): Update eventlet version [#525](https://github.com/openshift/ironic-image/pull/525) * [OCPBUGS-32363](https://issues.redhat.com/browse/OCPBUGS-32363): [4.13] remove unused prometheus-exporter [#488](https://github.com/openshift/ironic-image/pull/488) * [OCPBUGS-32387](https://issues.redhat.com/browse/OCPBUGS-32387): Use unix sockets by default for reverse proxy communication [#476](https://github.com/openshift/ironic-image/pull/476) * [OCPBUGS-29190](https://issues.redhat.com/browse/OCPBUGS-29190): Fix Inspector iPXE config for IPv6 addresses [#453](https://github.com/openshift/ironic-image/pull/453) * [OCPBUGS-23978](https://issues.redhat.com/browse/OCPBUGS-23978): Ironic side of external_http_url (METAL-163) is not wired in correctly [#430](https://github.com/openshift/ironic-image/pull/430) * [OCPBUGS-23506](https://issues.redhat.com/browse/OCPBUGS-23506): Uplift eventlet version [#427](https://github.com/openshift/ironic-image/pull/427) * [OCPBUGS-23356](https://issues.redhat.com/browse/OCPBUGS-23356): Upgrade werkzeug dependency [#422](https://github.com/openshift/ironic-image/pull/422) * [OCPBUGS-19078](https://issues.redhat.com/browse/OCPBUGS-19078): Handle Eject DVD 4.13 [#416](https://github.com/openshift/ironic-image/pull/416) * [OCPBUGS-23072](https://issues.redhat.com/browse/OCPBUGS-23072): Use bash process substitution instead of pipe [#413](https://github.com/openshift/ironic-image/pull/413) * [Full changelog](https://github.com/openshift/ironic-image/compare/fc1cca95711797767336878bfb9e2e4b9801ecfa...10e188ac2b2e851ea33863ec4446166a65ef71d1) ### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/92e3efb4c38dba903316d7cb88afa4bbaa04d259) * [OCPBUGS-39384](https://issues.redhat.com/browse/OCPBUGS-39384): Include fixes for CVE-2024-44082 [#164](https://github.com/openshift/ironic-agent-image/pull/164) * [OCPBUGS-38509](https://issues.redhat.com/browse/OCPBUGS-38509): set webob and bump werkzeug [#152](https://github.com/openshift/ironic-agent-image/pull/152) * [OCPBUGS-29725](https://issues.redhat.com/browse/OCPBUGS-29725): Always add ignition to set hostname on /etc/hostname [#111](https://github.com/openshift/ironic-agent-image/pull/111) * [Full changelog](https://github.com/openshift/ironic-agent-image/compare/508e61245eb34d1f83771b1522021ffcde59fecc...92e3efb4c38dba903316d7cb88afa4bbaa04d259) ### [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter/tree/0fce7c7c97d56ba0a0ae4c6a2ba32e559b8a03d7) * [OCPBUGS-21457](https://issues.redhat.com/browse/OCPBUGS-21457): upgrade golang.org/x/net to 0.17.0 to address CVE [#90](https://github.com/openshift/k8s-prometheus-adapter/pull/90) * [OCPBUGS-20405](https://issues.redhat.com/browse/OCPBUGS-20405): limit number of simultaneous client requests [#78](https://github.com/openshift/k8s-prometheus-adapter/pull/78) * [Full changelog](https://github.com/openshift/k8s-prometheus-adapter/compare/b2e401059a11d23923adba51eeb82cbd5d75b7fc...0fce7c7c97d56ba0a0ae4c6a2ba32e559b8a03d7) ### [keepalived-ipfailover](https://github.com/openshift/images/tree/1a14e5c9896976b43767ab325a6fe35527a514a5) * [OCPBUGS-6236](https://issues.redhat.com/browse/OCPBUGS-6236): Updating openshift-enterprise-egress-router images to be consistent with ART [#121](https://github.com/openshift/images/pull/121) * [Full changelog](https://github.com/openshift/images/compare/04659348dbad0cd9b56596d5977d2934fa01d509...1a14e5c9896976b43767ab325a6fe35527a514a5) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/569ea1116cb348a31ea757b0a76d21de6bc8bcba) * [OCPBUGS-20771](https://issues.redhat.com/browse/OCPBUGS-20771): update x/net to v0.17.0 [#590](https://github.com/openshift/sdn/pull/590) * [OCPBUGS-22932](https://issues.redhat.com/browse/OCPBUGS-22932): Change the permission of 80-openshift-network.conf to 600 [#582](https://github.com/openshift/sdn/pull/582) * [OCPBUGS-14504](https://issues.redhat.com/browse/OCPBUGS-14504): Use the ovsver build arg to infer the openvswitch short version number [#572](https://github.com/openshift/sdn/pull/572) * [Full changelog](https://github.com/openshift/sdn/compare/12a5bcfe56550165a550230d016f3a954b18ddbe...569ea1116cb348a31ea757b0a76d21de6bc8bcba) ### [kube-rbac-proxy](https://github.com/openshift/kube-rbac-proxy/tree/f35f954ae0550e6ebeb94e244401fc069dc346b8) * [OCPBUGS-31987](https://issues.redhat.com/browse/OCPBUGS-31987): CVE-2023-45288 [4.13] [#107](https://github.com/openshift/kube-rbac-proxy/pull/107) * [OCPBUGS-20702](https://issues.redhat.com/browse/OCPBUGS-20702): v0.15.0 downstream release 4.13 [#84](https://github.com/openshift/kube-rbac-proxy/pull/84) * [Full changelog](https://github.com/openshift/kube-rbac-proxy/compare/f1205e66bf34421046288bc74aed0d69b8434206...f35f954ae0550e6ebeb94e244401fc069dc346b8) ### [kube-state-metrics](https://github.com/openshift/kube-state-metrics/tree/fd791df54d7271c1611090505509a03454168689) * [OCPBUGS-20778](https://issues.redhat.com/browse/OCPBUGS-20778): bump x/net to v0.17.0 [#102](https://github.com/openshift/kube-state-metrics/pull/102) * [Full changelog](https://github.com/openshift/kube-state-metrics/compare/4b9698489404f06195ba8a4646d58d67e13501d4...fd791df54d7271c1611090505509a03454168689) ### [kubevirt-csi-driver](https://github.com/openshift/kubevirt-csi-driver/tree/9d909f7f3a3efd27d7efb71bf0324796aa6e8788) * "OCPBUGS-29791: [release-4.13] Address CVE-2024-1725: Restrict access to infrastructure PVCs by requiring matching infraClusterLabels on tenant PVCs" [#35](https://github.com/openshift/kubevirt-csi-driver/pull/35) * [Full changelog](https://github.com/openshift/kubevirt-csi-driver/compare/efa0b9432bf0f44a965dc978ada75ea9b0f3e511...9d909f7f3a3efd27d7efb71bf0324796aa6e8788) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/a950acc5d06dda8089dbbe4b9d4ad95e7fe78b62) * [OCPBUGS-43856](https://issues.redhat.com/browse/OCPBUGS-43856): install/0000_30_machine-api-operator_00_credentials-request: Set skipServiceCheck again for GCP [#1304](https://github.com/openshift/machine-api-operator/pull/1304) * [OCPBUGS-32015](https://issues.redhat.com/browse/OCPBUGS-32015): Fix zone tag value reconciliation for vSphere machines [#1225](https://github.com/openshift/machine-api-operator/pull/1225) * [OCPBUGS-31994](https://issues.redhat.com/browse/OCPBUGS-31994): Update x/net to v0.25.0 [#1245](https://github.com/openshift/machine-api-operator/pull/1245) * NO-JIRA: [release-4.13] Fix data race conditions in unit tests [#1254](https://github.com/openshift/machine-api-operator/pull/1254) * [OCPBUGS-25165](https://issues.redhat.com/browse/OCPBUGS-25165): Add Snyk file to exclude vendor directory on scan [#1194](https://github.com/openshift/machine-api-operator/pull/1194) * [OCPBUGS-24277](https://issues.redhat.com/browse/OCPBUGS-24277): Update reference URL [#1188](https://github.com/openshift/machine-api-operator/pull/1188) * [OCPBUGS-24277](https://issues.redhat.com/browse/OCPBUGS-24277): Use docs URL instead of KCS article [#1181](https://github.com/openshift/machine-api-operator/pull/1181) * [OCPBUGS-21513](https://issues.redhat.com/browse/OCPBUGS-21513): Bump golang.org/x/net to v0.18.0 [#1175](https://github.com/openshift/machine-api-operator/pull/1175) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/370fdaa43c6964e2af6abbde2bf37789de509bec...a950acc5d06dda8089dbbe4b9d4ad95e7fe78b62) ### [machine-config-operator](https://github.com/openshift/machine-config-operator/tree/39e3612071458fb2d876b9b8fb0d3517bcb1c7cc) * [OCPBUGS-44206](https://issues.redhat.com/browse/OCPBUGS-44206): Panic seen in CI job for MCC pod [#4680](https://github.com/openshift/machine-config-operator/pull/4680) * [OCPBUGS-38372](https://issues.redhat.com/browse/OCPBUGS-38372): Revert "MCD-pull: run after network-online.target in Azure" [#4527](https://github.com/openshift/machine-config-operator/pull/4527) * [OCPBUGS-38295](https://issues.redhat.com/browse/OCPBUGS-38295): daemon/update: disable systemd unit before overwriting [#4522](https://github.com/openshift/machine-config-operator/pull/4522) * [OCPBUGS-37783](https://issues.redhat.com/browse/OCPBUGS-37783): Openshift uncordoned compute-node that was intentionally cordoned [#4507](https://github.com/openshift/machine-config-operator/pull/4507) * [OCPBUGS-37160](https://issues.redhat.com/browse/OCPBUGS-37160): MCD-pull: run after network-online.target in Azure [#4474](https://github.com/openshift/machine-config-operator/pull/4474) * [OCPBUGS-36782](https://issues.redhat.com/browse/OCPBUGS-36782): daemon: Handle correctly OS Version for 4.1 and 4.2 bootimages [#4464](https://github.com/openshift/machine-config-operator/pull/4464) * [OCPBUGS-32208](https://issues.redhat.com/browse/OCPBUGS-32208): Run resolv-prepender entirely async [#4314](https://github.com/openshift/machine-config-operator/pull/4314) * [OCPBUGS-33327](https://issues.redhat.com/browse/OCPBUGS-33327): make verify should use MCO's kube version [#4352](https://github.com/openshift/machine-config-operator/pull/4352) * [OCPBUGS-29721](https://issues.redhat.com/browse/OCPBUGS-29721): Add existing kubeletconfig/ctrcfg mc-name-suffix annotation [#4206](https://github.com/openshift/machine-config-operator/pull/4206) * [OCPBUGS-30285](https://issues.redhat.com/browse/OCPBUGS-30285): set nodeStatusReportFrequency [#4243](https://github.com/openshift/machine-config-operator/pull/4243) * [OCPBUGS-28740](https://issues.redhat.com/browse/OCPBUGS-28740): crio: drop automatic image cleanup on upgrades [#4154](https://github.com/openshift/machine-config-operator/pull/4154) * [OCPBUGS-29151](https://issues.redhat.com/browse/OCPBUGS-29151): fix nodeStatusUpdateFrequency [#4170](https://github.com/openshift/machine-config-operator/pull/4170) * [OCPBUGS-24661](https://issues.redhat.com/browse/OCPBUGS-24661): daemon: Add support for new nmstate logic [#4036](https://github.com/openshift/machine-config-operator/pull/4036) * [OCPBUGS-27816](https://issues.redhat.com/browse/OCPBUGS-27816): use *resource.Quantity to not automatically set 0 [#4141](https://github.com/openshift/machine-config-operator/pull/4141) * [OCPBUGS-22272](https://issues.redhat.com/browse/OCPBUGS-22272), [OCPBUGS-27172](https://issues.redhat.com/browse/OCPBUGS-27172): kubelet: fix kubelet labels [#4120](https://github.com/openshift/machine-config-operator/pull/4120) * [OCPBUGS-27096](https://issues.redhat.com/browse/OCPBUGS-27096): Azure Run ovs-configuration.service before dnsmasq.service [#4115](https://github.com/openshift/machine-config-operator/pull/4115) * [OCPBUGS-19658](https://issues.redhat.com/browse/OCPBUGS-19658): After dual-stack conversion reconcile IPFamilies [#3935](https://github.com/openshift/machine-config-operator/pull/3935) * [OCPBUGS-23468](https://issues.redhat.com/browse/OCPBUGS-23468): support icsp and idms objects [#4027](https://github.com/openshift/machine-config-operator/pull/4027) * [OCPBUGS-23536](https://issues.redhat.com/browse/OCPBUGS-23536): Introduce kubelet-dependencies.target and firstboot-osupdate.target [#4043](https://github.com/openshift/machine-config-operator/pull/4043) * [OCPBUGS-21052](https://issues.redhat.com/browse/OCPBUGS-21052): Update library-go and kube deps to latest version [#4011](https://github.com/openshift/machine-config-operator/pull/4011) * [OCPBUGS-22205](https://issues.redhat.com/browse/OCPBUGS-22205): Consider ingress VIPs when selecting node IP [#3991](https://github.com/openshift/machine-config-operator/pull/3991) * [OCPBUGS-18031](https://issues.redhat.com/browse/OCPBUGS-18031): on-prem: run resolv-prepender on NM reapply event [#3880](https://github.com/openshift/machine-config-operator/pull/3880) * [OCPBUGS-22412](https://issues.redhat.com/browse/OCPBUGS-22412): bootstrap_test: always set APIVersion and Kind for DNS [#4002](https://github.com/openshift/machine-config-operator/pull/4002) * [OCPBUGS-21721](https://issues.redhat.com/browse/OCPBUGS-21721): install/0000_90_machine-config-operator_90_deletion: Drop this file [#3983](https://github.com/openshift/machine-config-operator/pull/3983) * [OCPBUGS-20333](https://issues.redhat.com/browse/OCPBUGS-20333): resolv-prepender: avoid pulling baremetalRuntimeCfgImage again if it … [#3962](https://github.com/openshift/machine-config-operator/pull/3962) * [OCPBUGS-18803](https://issues.redhat.com/browse/OCPBUGS-18803): Soften grep pattern for ingress default router [#3908](https://github.com/openshift/machine-config-operator/pull/3908) * [OCPBUGS-19958](https://issues.redhat.com/browse/OCPBUGS-19958): [release-4.13] Backport logspam PRs [#3950](https://github.com/openshift/machine-config-operator/pull/3950) * [Full changelog](https://github.com/openshift/machine-config-operator/compare/3d95390f8afe8456ceba69eb73d7b95d3b954f6d...39e3612071458fb2d876b9b8fb0d3517bcb1c7cc) ### [machine-image-customization-controller](https://github.com/openshift/image-customization-controller/tree/34a4abe6ec47fff69476695eccffdb27fe23780c) * [OCPBUGS-27089](https://issues.redhat.com/browse/OCPBUGS-27089): configurable ironic agent vlan creation [#117](https://github.com/openshift/image-customization-controller/pull/117) * [OCPBUGS-21549](https://issues.redhat.com/browse/OCPBUGS-21549): Uplift x/net to v0.17.0 [#105](https://github.com/openshift/image-customization-controller/pull/105) * [Full changelog](https://github.com/openshift/image-customization-controller/compare/0f4119d19349077d30ad108a9e611eed7205d14a...34a4abe6ec47fff69476695eccffdb27fe23780c) ### [multus-admission-controller](https://github.com/openshift/multus-admission-controller/tree/9b0656af8316420bf05a7d3a0969feded615ed64) * [OCPBUGS-21353](https://issues.redhat.com/browse/OCPBUGS-21353): Update go.mod for CVE-2023-39325 [Release-4.13] [#72](https://github.com/openshift/multus-admission-controller/pull/72) * [Full changelog](https://github.com/openshift/multus-admission-controller/compare/f76d674edb07d7006f04748338c1013499c0e7ab...9b0656af8316420bf05a7d3a0969feded615ed64) ### [multus-cni](https://github.com/openshift/multus-cni/tree/12897bd18a928b8d0ea22fca0c05cee480285752) * [OCPBUGS-28020](https://issues.redhat.com/browse/OCPBUGS-28020): Fix SAST scan issues for multus-cni-container [4.13] [#224](https://github.com/openshift/multus-cni/pull/224) * [OCPBUGS-21076](https://issues.redhat.com/browse/OCPBUGS-21076): Update go.mod for CVE-2023-39325 [Release-4.13] [#195](https://github.com/openshift/multus-cni/pull/195) * [Full changelog](https://github.com/openshift/multus-cni/compare/bb616eff56bf0b71ad85009360231f4686a6e4a9...12897bd18a928b8d0ea22fca0c05cee480285752) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/7176ab75edaf6328bb1da06ba55378815271d218) * [OCPBUGS-21438](https://issues.redhat.com/browse/OCPBUGS-21438): Update go.mod for CVE-2023-39325 (#35) [#35](https://github.com/openshift/multus-networkpolicy/pull/35) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/7b99c194d5d2b092a64dc7b8673ef96a399cc7a8...7176ab75edaf6328bb1da06ba55378815271d218) ### [multus-whereabouts-ipam-cni](https://github.com/openshift/whereabouts-cni/tree/9f8d13c74cfe33562c520a77b1a7dbf2e1bd1ef9) * [OCPBUGS-37941](https://issues.redhat.com/browse/OCPBUGS-37941), [OCPBUGS-37944](https://issues.redhat.com/browse/OCPBUGS-37944): [release-4.13] Stateful fixes [#306](https://github.com/openshift/whereabouts-cni/pull/306) * [OCPBUGS-27958](https://issues.redhat.com/browse/OCPBUGS-27958): Enable reconciler configuration [#241](https://github.com/openshift/whereabouts-cni/pull/241) * [OCPBUGS-27367](https://issues.redhat.com/browse/OCPBUGS-27367): [release-4.13] Backport fix assignment [#236](https://github.com/openshift/whereabouts-cni/pull/236) * [OCPBUGS-21512](https://issues.redhat.com/browse/OCPBUGS-21512): update golang.org/x/net to v0.17.0 [#208](https://github.com/openshift/whereabouts-cni/pull/208) * [Full changelog](https://github.com/openshift/whereabouts-cni/compare/7ea40205ffef4c3e047153f4655444245c2792d3...9f8d13c74cfe33562c520a77b1a7dbf2e1bd1ef9) ### [network-metrics-daemon](https://github.com/openshift/network-metrics-daemon/tree/3ef81a5c468171f22d626c544fd7f02adc156ceb) * Added METRIC_TEST_IMAGE var (#90) [#90](https://github.com/openshift/network-metrics-daemon/pull/90) * Update the k8s dependencies to 1.26.10 (#83) [#83](https://github.com/openshift/network-metrics-daemon/pull/83) * [Full changelog](https://github.com/openshift/network-metrics-daemon/compare/e72c8ad1581132817c09e23295f55425a14a5c58...3ef81a5c468171f22d626c544fd7f02adc156ceb) ### [nutanix-machine-controllers](https://github.com/openshift/machine-api-provider-nutanix/tree/105c515996ed0856eca89e75b166e70331d95856) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#59](https://github.com/openshift/machine-api-provider-nutanix/pull/59) * [OCPBUGS-25459](https://issues.redhat.com/browse/OCPBUGS-25459): Fix CI by running tests natively by default [#60](https://github.com/openshift/machine-api-provider-nutanix/pull/60) * [Full changelog](https://github.com/openshift/machine-api-provider-nutanix/compare/be43191e5b20c7d6a5755a39a22d31e7734b241a...105c515996ed0856eca89e75b166e70331d95856) ### [oauth-apiserver](https://github.com/openshift/oauth-apiserver/tree/6a5971643b971170d28b96f676225b344c4cff3c) * [OCPBUGS-31996](https://issues.redhat.com/browse/OCPBUGS-31996): bump x/net to 0.24.0 [#112](https://github.com/openshift/oauth-apiserver/pull/112) * [OCPBUGS-28674](https://issues.redhat.com/browse/OCPBUGS-28674): Fix HTTP/2 deps for release-4.13 [#102](https://github.com/openshift/oauth-apiserver/pull/102) * [Full changelog](https://github.com/openshift/oauth-apiserver/compare/41c2dfea104b3c686a00b068654843b48b4db53f...6a5971643b971170d28b96f676225b344c4cff3c) ### [oauth-server](https://github.com/openshift/oauth-server/tree/eb54be281d8f215a6eaa6e10ed1b303c7d064bac) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): update osin to latest version [#139](https://github.com/openshift/oauth-server/pull/139) * [Full changelog](https://github.com/openshift/oauth-server/compare/b841149f2ec0c1ffcb0393e6f70b1e4547f3b18e...eb54be281d8f215a6eaa6e10ed1b303c7d064bac) ### [oc-mirror](https://github.com/openshift/oc-mirror/tree/02367d7a9d25ca823fd52710a5a8484f09454884) * Bump version to include v5.11.0 of go-git (#823) [#823](https://github.com/openshift/oc-mirror/pull/823) * [OCPBUGS-385](https://issues.redhat.com/browse/OCPBUGS-385): Capability to override default channel (#749) (#791) [#749](https://github.com/openshift/oc-mirror/pull/749) * [OCPBUGS-19429](https://issues.redhat.com/browse/OCPBUGS-19429): Fix cross EUS channel upgrade path calculation (#775) [#775](https://github.com/openshift/oc-mirror/pull/775) * [OCPBUGS-21460](https://issues.redhat.com/browse/OCPBUGS-21460): Fix CVE-2023-44487 and CVE-2023-39325 (#714) [#714](https://github.com/openshift/oc-mirror/pull/714) * [Full changelog](https://github.com/openshift/oc-mirror/compare/3742681e417aee146fe258cf779b6cdfae8054a3...02367d7a9d25ca823fd52710a5a8484f09454884) ### [olm-rukpak](https://github.com/openshift/operator-framework-rukpak/tree/7dde3cd3e7a7dbbc9b5d134cc4f69f1503ed0a68) * : OCPBUGS-27594,OCPBUGS-27679: Update go-git to v5.11.0 [#75](https://github.com/openshift/operator-framework-rukpak/pull/75) * [OCPBUGS-23403](https://issues.redhat.com/browse/OCPBUGS-23403): [release-4.13] Address http2 vulnerability [#58](https://github.com/openshift/operator-framework-rukpak/pull/58) * [OCPBUGS-21363](https://issues.redhat.com/browse/OCPBUGS-21363): [release-4.13] Bump golang.org/x/net to v0.17.0 [#40](https://github.com/openshift/operator-framework-rukpak/pull/40) * UPSTREAM: <carry>: add downstream owners [#42](https://github.com/openshift/operator-framework-rukpak/pull/42) * [Full changelog](https://github.com/openshift/operator-framework-rukpak/compare/66b3e551fc2730beb4c46d478166b38766c5f346...7dde3cd3e7a7dbbc9b5d134cc4f69f1503ed0a68) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/3a7ac1b91f496b0d4bf179debcd697daa75bc11b) * [OCPBUGS-32446](https://issues.redhat.com/browse/OCPBUGS-32446): bump(x/net) to v0.23.0 [#430](https://github.com/openshift/openshift-apiserver/pull/430) * : OCPBUGS-21449: Enable HTTP/2 CVE mitigation [#398](https://github.com/openshift/openshift-apiserver/pull/398) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/0b82768216c0c0ffb171457fce71b3806c586e7c...3a7ac1b91f496b0d4bf179debcd697daa75bc11b) ### [openshift-controller-manager](https://github.com/openshift/openshift-controller-manager/tree/f4c0771f69b4f6781965c0d557d3438500189688) * [release 4.13] OCPBUGS-38407, OCPBUGS-38408: Update opentelemetry dependency [#326](https://github.com/openshift/openshift-controller-manager/pull/326) * [OCPBUGS-41952](https://issues.redhat.com/browse/OCPBUGS-41952): Add adambkaplan as approver [#335](https://github.com/openshift/openshift-controller-manager/pull/335) * [Full changelog](https://github.com/openshift/openshift-controller-manager/compare/385057e57752b7b4f21ef32d7a7993d266a591eb...f4c0771f69b4f6781965c0d557d3438500189688) ### [openshift-state-metrics](https://github.com/openshift/openshift-state-metrics/tree/9be421f0c013c7f134c1d7cfe1c0ee2f2ae8eaf6) * [OCPBUGS-20723](https://issues.redhat.com/browse/OCPBUGS-20723): bump `x/net` to v0.17.0 [#108](https://github.com/openshift/openshift-state-metrics/pull/108) * [Full changelog](https://github.com/openshift/openshift-state-metrics/compare/7beb8807e2c0092b5e580a29903ff060140d8ff0...9be421f0c013c7f134c1d7cfe1c0ee2f2ae8eaf6) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/b50a649be8b691a6081487330da17e55d242a2e5) * [OCPBUGS-21565](https://issues.redhat.com/browse/OCPBUGS-21565): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#136](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/136) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/90ee04bcfbfc0eb6173bc9fbea8c9f87ec1dea7d...b50a649be8b691a6081487330da17e55d242a2e5) ### [openstack-machine-api-provider](https://github.com/openshift/machine-api-provider-openstack/tree/27f786052c3d35154aa2d16413d20ec3447b502b) * [OCPBUGS-34422](https://issues.redhat.com/browse/OCPBUGS-34422): Ensure portSecurity is correctly set in the Instance Ports [#119](https://github.com/openshift/machine-api-provider-openstack/pull/119) * [Full changelog](https://github.com/openshift/machine-api-provider-openstack/compare/7bce9d67fba63a0ed6a39b78488da8e85bf07dbd...27f786052c3d35154aa2d16413d20ec3447b502b) ### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/7f911e3e8fac2a544268e63131b03f2c155395f9) * NO-ISSUE: [release-4.13] Backport e2e fixes [#876](https://github.com/openshift/operator-framework-olm/pull/876) * [OCPBUGS-42146](https://issues.redhat.com/browse/OCPBUGS-42146): adds paginating lister for evaluating CRs' upgrade fitness versus new CRDs. [#871](https://github.com/openshift/operator-framework-olm/pull/871) * [OCPBUGS-38254](https://issues.redhat.com/browse/OCPBUGS-38254): [CARRY] perform operator apiService certificate validity checks directly [#836](https://github.com/openshift/operator-framework-olm/pull/836) * [OCPBUGS-38608](https://issues.redhat.com/browse/OCPBUGS-38608): (fix) Resolver: list CatSrc using client, instead of referring to registry-server cache (#3349) [#843](https://github.com/openshift/operator-framework-olm/pull/843) * [OCPBUGS-32856](https://issues.redhat.com/browse/OCPBUGS-32856): bump go-jose to v2.6.3 [#780](https://github.com/openshift/operator-framework-olm/pull/780) * [OCPBUGS-35241](https://issues.redhat.com/browse/OCPBUGS-35241): Unblock CI [#772](https://github.com/openshift/operator-framework-olm/pull/772) * [OCPBUGS-27564](https://issues.redhat.com/browse/OCPBUGS-27564), [OCPBUGS-27569](https://issues.redhat.com/browse/OCPBUGS-27569), [OCPBUGS-27649](https://issues.redhat.com/browse/OCPBUGS-27649), [OCPBUGS-27654](https://issues.redhat.com/browse/OCPBUGS-27654): bump go-git/v5 to 5.11.0 [#682](https://github.com/openshift/operator-framework-olm/pull/682) * [OCPBUGS-28228](https://issues.redhat.com/browse/OCPBUGS-28228): Registry Pod Controller Flag [#672](https://github.com/openshift/operator-framework-olm/pull/672) * [OCPBUGS-27891](https://issues.redhat.com/browse/OCPBUGS-27891): [CARRY] SSC RBAC [#669](https://github.com/openshift/operator-framework-olm/pull/669) * [OCPBUGS-8653](https://issues.redhat.com/browse/OCPBUGS-8653): bump golang-migrate to v4.16.1 (#1107) [#649](https://github.com/openshift/operator-framework-olm/pull/649) * [OCPBUGS-20815](https://issues.redhat.com/browse/OCPBUGS-20815): [release-4.13] fix apiserver vulnerability [#616](https://github.com/openshift/operator-framework-olm/pull/616) * [OCPBUGS-22133](https://issues.redhat.com/browse/OCPBUGS-22133): [release-4.13] Bump golang.org/x/net to v0.17.0 [#589](https://github.com/openshift/operator-framework-olm/pull/589) * [Full changelog](https://github.com/openshift/operator-framework-olm/compare/9957ffd6be55ffadf08c107191fa459e03af5f26...7f911e3e8fac2a544268e63131b03f2c155395f9) ### [operator-marketplace](https://github.com/operator-framework/operator-marketplace/tree/7efdbcad565ae7893539a79a944a97f9b39da97a) * [OCPBUGS-32074](https://issues.redhat.com/browse/OCPBUGS-32074): update golang.org/x/net for CVE-2023-45288 [#566](https://github.com/operator-framework/operator-marketplace/pull/566) * [OCPBUGS-20977](https://issues.redhat.com/browse/OCPBUGS-20977): [release-4.13] bump golang.org/x/net to 0.17.0 [#549](https://github.com/operator-framework/operator-marketplace/pull/549) * [Full changelog](https://github.com/operator-framework/operator-marketplace/compare/3a424b991b6505699f53badce9085d4398575f68...7efdbcad565ae7893539a79a944a97f9b39da97a) ### [ovirt-csi-driver](https://github.com/openshift/ovirt-csi-driver/tree/54958deb4998e08696af0abe3585486a6b5b6800) * [OCPBUGS-23155](https://issues.redhat.com/browse/OCPBUGS-23155): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#130](https://github.com/openshift/ovirt-csi-driver/pull/130) * [Full changelog](https://github.com/openshift/ovirt-csi-driver/compare/f21b470f4927f97eca93a0a390cffccd7d724043...54958deb4998e08696af0abe3585486a6b5b6800) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/b293972fe2c5eef4262130de621e75e5d0c37d8e) * [OCPBUGS-23241](https://issues.redhat.com/browse/OCPBUGS-23241): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#127](https://github.com/openshift/ovirt-csi-driver-operator/pull/127) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/aca579dfc9aa1921849f9573f5179fcb2bf89f28...b293972fe2c5eef4262130de621e75e5d0c37d8e) ### [ovn-kubernetes-microshift-rhel-9, ovn-kubernetes-rhel-9](https://github.com/openshift/ovn-kubernetes/tree/72f151a69b6c549828382f87c42b914b938a8dc9) * [OCPBUGS-38264](https://issues.redhat.com/browse/OCPBUGS-38264): [release-4.13] Bump OVSDBTimeout and make it configurable [#2289](https://github.com/openshift/ovn-kubernetes/pull/2289) * [OCPBUGS-37119](https://issues.redhat.com/browse/OCPBUGS-37119): EgressIP: Reload certificates for the grpc heatlhcheck server [#2226](https://github.com/openshift/ovn-kubernetes/pull/2226) * [OCPBUGS-35100](https://issues.redhat.com/browse/OCPBUGS-35100): [release-4.13] ipv6+all protocols conntrack flush [#2200](https://github.com/openshift/ovn-kubernetes/pull/2200) * [OCPBUGS-34669](https://issues.redhat.com/browse/OCPBUGS-34669), [SDN-4186](https://issues.redhat.com/browse/SDN-4186): Introduce a validating webhook for ovnkube-node [#2053](https://github.com/openshift/ovn-kubernetes/pull/2053) * [OCPBUGS-29865](https://issues.redhat.com/browse/OCPBUGS-29865): CVE-2022-41723: net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [#2095](https://github.com/openshift/ovn-kubernetes/pull/2095) * [OCPBUGS-33730](https://issues.redhat.com/browse/OCPBUGS-33730): Improves service iptables efficiency on start up [#2172](https://github.com/openshift/ovn-kubernetes/pull/2172) * [OCPBUGS-32988](https://issues.redhat.com/browse/OCPBUGS-32988): Bumping OVS [#2143](https://github.com/openshift/ovn-kubernetes/pull/2143) * [OCPBUGS-33421](https://issues.redhat.com/browse/OCPBUGS-33421): [release-4.13] Full implementation of KEP-1669 ProxyTerminatingEndpoints + ETP=local fix [#2130](https://github.com/openshift/ovn-kubernetes/pull/2130) * [OCPBUGS-33218](https://issues.redhat.com/browse/OCPBUGS-33218): [release-4.13] OVN bump to 23.06.1-112 [#2153](https://github.com/openshift/ovn-kubernetes/pull/2153) * [OCPBUGS-28983](https://issues.redhat.com/browse/OCPBUGS-28983), [OCPBUGS-30920](https://issues.redhat.com/browse/OCPBUGS-30920): Update netpol namespace address sets usage to the old ways [#2097](https://github.com/openshift/ovn-kubernetes/pull/2097) * [OCPBUGS-29851](https://issues.redhat.com/browse/OCPBUGS-29851): Egress IP, Services: use all node IP addresses [#2090](https://github.com/openshift/ovn-kubernetes/pull/2090) * [OCPBUGS-28630](https://issues.redhat.com/browse/OCPBUGS-28630): Synchronize node primary address update [#2036](https://github.com/openshift/ovn-kubernetes/pull/2036) * [OCPBUGS-25611](https://issues.redhat.com/browse/OCPBUGS-25611): Avoid panic due to stale ACLs with 1013 priority [#1987](https://github.com/openshift/ovn-kubernetes/pull/1987) * [OCPBUGS-27257](https://issues.redhat.com/browse/OCPBUGS-27257): Ensure session affinity cleanup on backend removal [#2022](https://github.com/openshift/ovn-kubernetes/pull/2022) * [OCPBUGS-27736](https://issues.redhat.com/browse/OCPBUGS-27736): CARRY: Updates owners and adds Surya [#2024](https://github.com/openshift/ovn-kubernetes/pull/2024) * [OCPBUGS-24419](https://issues.redhat.com/browse/OCPBUGS-24419): OVNK/GW: Ignore headless services in syncServices [#1971](https://github.com/openshift/ovn-kubernetes/pull/1971) * [OCPBUGS-23258](https://issues.redhat.com/browse/OCPBUGS-23258): Update leaderelection config to allow retries [#1992](https://github.com/openshift/ovn-kubernetes/pull/1992) * [OCPBUGS-26242](https://issues.redhat.com/browse/OCPBUGS-26242): Fix Egress IP Deletion Handler to Prevent OVN Policy Leaks [#2011](https://github.com/openshift/ovn-kubernetes/pull/2011) * [OCPBUGS-25923](https://issues.redhat.com/browse/OCPBUGS-25923): Forward ICMP packets to OVN loadbalancer [#2004](https://github.com/openshift/ovn-kubernetes/pull/2004) * [OCPBUGS-25224](https://issues.redhat.com/browse/OCPBUGS-25224): [release-4.13] fixes MTU configuration on gateway router [#1988](https://github.com/openshift/ovn-kubernetes/pull/1988) * [OCPBUGS-14799](https://issues.redhat.com/browse/OCPBUGS-14799): Updating endpoints when using allocateLBNP=0, lgw mode fails [#1940](https://github.com/openshift/ovn-kubernetes/pull/1940) * [OCPBUGS-25095](https://issues.redhat.com/browse/OCPBUGS-25095): Fragment oversized reply packets in LGW mode [#1983](https://github.com/openshift/ovn-kubernetes/pull/1983) * [OCPBUGS-24391](https://issues.redhat.com/browse/OCPBUGS-24391): Limit OVN-Kubernetes RBAC permissions [#1950](https://github.com/openshift/ovn-kubernetes/pull/1950) * [OCPBUGS-23014](https://issues.redhat.com/browse/OCPBUGS-23014): Netpol retryFramework cleanup [#1957](https://github.com/openshift/ovn-kubernetes/pull/1957) * [OCPBUGS-24263](https://issues.redhat.com/browse/OCPBUGS-24263): Bump OVN to 23.06.1-39.el9fdp [#1966](https://github.com/openshift/ovn-kubernetes/pull/1966) * [OCPBUGS-14314](https://issues.redhat.com/browse/OCPBUGS-14314): Fix compilation error in e2e.go tests due to missing int32 parameter [#1682](https://github.com/openshift/ovn-kubernetes/pull/1682) * [OCPBUGS-20047](https://issues.redhat.com/browse/OCPBUGS-20047): Adjust python ssl library dependency check [#1924](https://github.com/openshift/ovn-kubernetes/pull/1924) * [OCPBUGS-18976](https://issues.redhat.com/browse/OCPBUGS-18976): Update bridge flow cache when the host address changes [#1873](https://github.com/openshift/ovn-kubernetes/pull/1873) * [OCPBUGS-18791](https://issues.redhat.com/browse/OCPBUGS-18791), [OCPBUGS-18792](https://issues.redhat.com/browse/OCPBUGS-18792), [OCPBUGS-19088](https://issues.redhat.com/browse/OCPBUGS-19088), [OCPBUGS-7406](https://issues.redhat.com/browse/OCPBUGS-7406): Dockerfile: bump OVN to ovn23.06-23.06.1-8.el9fdp [#1880](https://github.com/openshift/ovn-kubernetes/pull/1880) * [Full changelog](https://github.com/openshift/ovn-kubernetes/compare/d0925e2b849eff980ec668b37605ea3676eff604...72f151a69b6c549828382f87c42b914b938a8dc9) ### [powervs-block-csi-driver](https://github.com/openshift/ibm-powervs-block-csi-driver/tree/16fa55557367097b075093d2549e0205558c7527) * [OCPBUGS-36094](https://issues.redhat.com/browse/OCPBUGS-36094): Fix CVE-2024-6104 by updating http-retryable to 0.7.7 [#91](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/91) * [OCPBUGS-33638](https://issues.redhat.com/browse/OCPBUGS-33638): Fix CVE2023-45288 by bumping x/net to v0.24.0 -4.13 [#82](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/82) * [OCPBUGS-24728](https://issues.redhat.com/browse/OCPBUGS-24728): synk: ignore vendor dir [#61](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/61) * [OCPBUGS-21089](https://issues.redhat.com/browse/OCPBUGS-21089): CVE-2023-39325 - Update net dependencies - 4.13 [#52](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/52) * Update OWNERS add yussufsh [#54](https://github.com/openshift/ibm-powervs-block-csi-driver/pull/54) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver/compare/26d166e8f7d1f33eff1efd7ccab92a27a188f431...16fa55557367097b075093d2549e0205558c7527) ### [powervs-block-csi-driver-operator](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/tree/e70c980e2561788b710d710efc3e09974ad7374c) * [OCPBUGS-25716](https://issues.redhat.com/browse/OCPBUGS-25716): snyk: ignore vendor dir [#61](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/61) * [OCPBUGS-21186](https://issues.redhat.com/browse/OCPBUGS-21186): CVE-2023-39325 - Update net dependencies - 4.13 [#41](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/41) * Update OWNERS add yussufsh [#45](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/pull/45) * [Full changelog](https://github.com/openshift/ibm-powervs-block-csi-driver-operator/compare/2d8e82b25c39fd0617632ae32fec070b7c5f8f21...e70c980e2561788b710d710efc3e09974ad7374c) ### [powervs-cloud-controller-manager](https://github.com/openshift/cloud-provider-powervs/tree/c040f3774af48d6d0bd8c31188626cb445be5b83) * [OCPBUGS-36104](https://issues.redhat.com/browse/OCPBUGS-36104): UPSTREAM: <carry>: Fix go-retryablehttp CVE 4.13 [#76](https://github.com/openshift/cloud-provider-powervs/pull/76) * [OCPBUGS-24731](https://issues.redhat.com/browse/OCPBUGS-24731): UPSTREAM: <carry>: snyk code scan exclude vendor directory [#53](https://github.com/openshift/cloud-provider-powervs/pull/53) * [OCPBUGS-21280](https://issues.redhat.com/browse/OCPBUGS-21280): CVE-2023-39325 - Update net dependencies - 4.13 [#46](https://github.com/openshift/cloud-provider-powervs/pull/46) * [Full changelog](https://github.com/openshift/cloud-provider-powervs/compare/130365622eb0c59e102049529695c8326d616213...c040f3774af48d6d0bd8c31188626cb445be5b83) ### [powervs-machine-controllers](https://github.com/openshift/machine-api-provider-powervs/tree/95154dd1870e26cb6ebb1b8cb6e68947c478f059) * [OCPBUGS-41980](https://issues.redhat.com/browse/OCPBUGS-41980): Update go.mod to fix CVE - 4.13 [#87](https://github.com/openshift/machine-api-provider-powervs/pull/87) * [OCPBUGS-24563](https://issues.redhat.com/browse/OCPBUGS-24563): Reduce metrics cardinality [#69](https://github.com/openshift/machine-api-provider-powervs/pull/69) * [OCPBUGS-24741](https://issues.redhat.com/browse/OCPBUGS-24741): snyk code scan exclude vendor directory [#64](https://github.com/openshift/machine-api-provider-powervs/pull/64) * [OCPBUGS-21880](https://issues.redhat.com/browse/OCPBUGS-21880): CVE-2023-39325 - Bump golang.org/x/net to v0.17.0 - 4.13 [#55](https://github.com/openshift/machine-api-provider-powervs/pull/55) * [Full changelog](https://github.com/openshift/machine-api-provider-powervs/compare/bf49c5c1b07137baa766b4d78b9e9c2650ef59ad...95154dd1870e26cb6ebb1b8cb6e68947c478f059) ### [prometheus](https://github.com/openshift/prometheus/tree/72886096272245e064297c480b24ac4895230c89) * [OCPBUGS-26423](https://issues.redhat.com/browse/OCPBUGS-26423): Add Exemplars support for all time series [#191](https://github.com/openshift/prometheus/pull/191) * [OCPBUGS-21240](https://issues.redhat.com/browse/OCPBUGS-21240): update golang.org/x/net to v0.17.0 [4.13] [#174](https://github.com/openshift/prometheus/pull/174) * [Full changelog](https://github.com/openshift/prometheus/compare/8279148fd0d8b2aa2a1613a2e9810aea80f487df...72886096272245e064297c480b24ac4895230c89) ### [prometheus-alertmanager](https://github.com/openshift/prometheus-alertmanager/tree/df2f11e2ddc206ad1924ed766b4a394d84c9236f) * [OCPBUGS-21043](https://issues.redhat.com/browse/OCPBUGS-21043): Bump golang.org/x/net to v0.17.0 [#81](https://github.com/openshift/prometheus-alertmanager/pull/81) * [Full changelog](https://github.com/openshift/prometheus-alertmanager/compare/f44d574d8e170d6788cfbf2bdbc866d3e1fc1054...df2f11e2ddc206ad1924ed766b4a394d84c9236f) ### [prometheus-config-reloader, prometheus-operator, prometheus-operator-admission-webhook](https://github.com/openshift/prometheus-operator/tree/30fdccd139b2c63a9207bd30509aec8ddec7ff5d) * [OCPBUGS-20861](https://issues.redhat.com/browse/OCPBUGS-20861): Bump golang.org/x/net to v0.17.0 [#248](https://github.com/openshift/prometheus-operator/pull/248) * [Full changelog](https://github.com/openshift/prometheus-operator/compare/95a117826360e23e092be5bbee2da8dbcf44f17a...30fdccd139b2c63a9207bd30509aec8ddec7ff5d) ### [prometheus-node-exporter](https://github.com/openshift/node_exporter/tree/59d699cac664bfbfe83ef6a1615e34e062fd283d) * [OCPBUGS-21143](https://issues.redhat.com/browse/OCPBUGS-21143): upgrade golang.org/x/net to v0.17.0 [#135](https://github.com/openshift/node_exporter/pull/135) * [Full changelog](https://github.com/openshift/node_exporter/compare/5409afd036445411969ed074e681c73f2df36909...59d699cac664bfbfe83ef6a1615e34e062fd283d) ### [service-ca-operator](https://github.com/openshift/service-ca-operator/tree/dba00dc5b1874904542bed87f49974bf64be168a) * [OCPBUGS-28759](https://issues.redhat.com/browse/OCPBUGS-28759): Fix HTTP/2 (4.13) [#232](https://github.com/openshift/service-ca-operator/pull/232) * [Full changelog](https://github.com/openshift/service-ca-operator/compare/5984aac13df6c2f4440c67a1a14d32958bce9ec3...dba00dc5b1874904542bed87f49974bf64be168a) ### [telemeter](https://github.com/openshift/telemeter/tree/0634a6d029bfd8fd311e99ccf5f2fd45b5751fa8) * [OCPBUGS-34829](https://issues.redhat.com/browse/OCPBUGS-34829): fix issuer check during JWT authentication 4.13 [#540](https://github.com/openshift/telemeter/pull/540) * [OCPBUGS-21327](https://issues.redhat.com/browse/OCPBUGS-21327): [release-4.13]: Bump golang.org/x/net to v0.17.0 [#485](https://github.com/openshift/telemeter/pull/485) * [Full changelog](https://github.com/openshift/telemeter/compare/be81b43429dcbf70f6ca19a9360ba455c97a1639...0634a6d029bfd8fd311e99ccf5f2fd45b5751fa8) ### [tests](https://github.com/openshift/origin/tree/19f80945645f4b368adfc0d7db5b6f7593684eae) * [OCPBUGS-37921](https://issues.redhat.com/browse/OCPBUGS-37921): Removes dependency on samples operator images [#29007](https://github.com/openshift/origin/pull/29007) * [OCPBUGS-35053](https://issues.redhat.com/browse/OCPBUGS-35053): updated timeout to 3 seconds to account for network timing issues [#28862](https://github.com/openshift/origin/pull/28862) * [OCPBUGS-36501](https://issues.redhat.com/browse/OCPBUGS-36501): test/extended: skip etcd leader change check on hypershift [#28922](https://github.com/openshift/origin/pull/28922) * [OCPBUGS-35857](https://issues.redhat.com/browse/OCPBUGS-35857): Use centos7 tag instead of latest for cmd images tests [#28895](https://github.com/openshift/origin/pull/28895) * [OCPBUGS-33985](https://issues.redhat.com/browse/OCPBUGS-33985): Provide SCC access via RBAC [#28835](https://github.com/openshift/origin/pull/28835) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add oauth-server redirect URI validation e2e tests [#28396](https://github.com/openshift/origin/pull/28396) * [OCPBUGS-19378](https://issues.redhat.com/browse/OCPBUGS-19378): [4.13] backport etcd restore tests [#28267](https://github.com/openshift/origin/pull/28267) * Bug OCPBUGS-17469: Correct condition for rejecting connection [#28151](https://github.com/openshift/origin/pull/28151) * [OCPBUGS-20361](https://issues.redhat.com/browse/OCPBUGS-20361): Update image stream test to create a manifest list image by default [#28318](https://github.com/openshift/origin/pull/28318) * [Full changelog](https://github.com/openshift/origin/compare/62852a2a543c7e12a2bca8d7393b1e84eab700b9...19f80945645f4b368adfc0d7db5b6f7593684eae) ### [thanos](https://github.com/openshift/thanos/tree/70fb57fb209e5aa491417fc421a97d417a5530bc) * [OCPBUGS-27206](https://issues.redhat.com/browse/OCPBUGS-27206): Bump otel/http to 0.44.0 [openshift-4.13.z] [#138](https://github.com/openshift/thanos/pull/138) * [OCPBUGS-21157](https://issues.redhat.com/browse/OCPBUGS-21157): Bump golang.org/x/net to v0.17.0 [#125](https://github.com/openshift/thanos/pull/125) * [Full changelog](https://github.com/openshift/thanos/compare/43238be385374e76ca6148a6780ddff9ebca3d11...70fb57fb209e5aa491417fc421a97d417a5530bc) ### [vsphere-cloud-controller-manager](https://github.com/openshift/cloud-provider-vsphere/tree/f56d57ba990f7f4ce1a6b1f9842331e9259c94f1) * [OCPBUGS-21506](https://issues.redhat.com/browse/OCPBUGS-21506): Bump golang.org/x/net to v0.18.0 [#55](https://github.com/openshift/cloud-provider-vsphere/pull/55) * [Full changelog](https://github.com/openshift/cloud-provider-vsphere/compare/0fe0c5c37d06893359f584e4b6f62d371703e9d1...f56d57ba990f7f4ce1a6b1f9842331e9259c94f1) ### [vsphere-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-vsphere/tree/da63f2b930cdd6090904ee607319b40615b245f6) * [OCPBUGS-21556](https://issues.redhat.com/browse/OCPBUGS-21556): bump golang.org/x/net to v0.17.0 [#23](https://github.com/openshift/cluster-api-provider-vsphere/pull/23) * [Full changelog](https://github.com/openshift/cluster-api-provider-vsphere/compare/24e08ddf65fd387ea7c71e229b13e47d6cd3643f...da63f2b930cdd6090904ee607319b40615b245f6) ### [vsphere-csi-driver, vsphere-csi-driver-syncer](https://github.com/openshift/vmware-vsphere-csi-driver/tree/4d3036a6c7fe0c850bbadd942267426afe2ec16a) * [OCPBUGS-21561](https://issues.redhat.com/browse/OCPBUGS-21561): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#91](https://github.com/openshift/vmware-vsphere-csi-driver/pull/91) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver/compare/9079a510ebbe7bc0df6a06aae43b6dbada3adb32...4d3036a6c7fe0c850bbadd942267426afe2ec16a) ### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/a9e5036e12facff0193d563b752847191fc9dc91) * [OCPBUGS-21434](https://issues.redhat.com/browse/OCPBUGS-21434): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#174](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/174) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/1d88292198b5fe969b952532919fc595534af259...a9e5036e12facff0193d563b752847191fc9dc91) ### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/3ad7408fb53a9377d9f5b2cf5ae38570a9ec5c59) * [OCPBUGS-21577](https://issues.redhat.com/browse/OCPBUGS-21577): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#130](https://github.com/openshift/vsphere-problem-detector/pull/130) * [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/64f62bff177c6f2df6f106eacecc05e49e9a9828...3ad7408fb53a9377d9f5b2cf5ae38570a9ec5c59)