k3s - v1.28.1+k3s1
This release is K3S's first in the v1.28 line. This release updates Kubernetes to v1.28.1.
⚠️ IMPORTANT: This release includes remediation for CVE-2023-32187, a potential Denial of Service attack vector on K3s servers. See https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2 for more information, including documentation on changes in behavior that harden clusters against this vulnerability.
For more details on what's new, see the Kubernetes release notes.
Changes since v1.27.5+k3s1:
- Update to v1.28.1 (#8239)
- CLI Removal for v1.28.0 (#8203)
- Secrets Encryption V3 (#8111)
- Add new CLI flag to disable TLS SAN CN filtering (#8252)
- Added a new
--tls-san-security
option. - Add RWMutex to address controller (#8268)
Embedded Component Versions
| Component | Version |
|---|---|
| Kubernetes | v1.28.1 |
| Kine | v0.10.3 |
| SQLite | 3.42.0 |
| Etcd | v3.5.9-k3s1 |
| Containerd | v1.7.3-k3s2 |
| Runc | v1.1.8 |
| Flannel | v0.22.2 |
| Metrics-server | v0.6.3 |
| Traefik | v2.9.10 |
| CoreDNS | v1.10.1 |
| Helm-controller | v0.15.4 |
| Local-path-provisioner | v0.0.24 |
Helpful Links
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our Slack channel
- Check out our documentation for guidance on how to get started or to dive deep into K3s.
- Read how you can contribute here
Security
Details
- 🔍View and search all k3s releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!