Skip to content

Update supported Kubernetes versions and client library #1143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Sep 18, 2025
Merged

Update supported Kubernetes versions and client library #1143

merged 9 commits into from
Sep 18, 2025

Conversation

Octobob
Copy link
Member

@Octobob Octobob commented Sep 17, 2025

This PR contains the following updates:

Package Change Age Confidence
KubernetesClient 16.0.2 -> 17.0.14 age confidence

GitHub Vulnerability Alerts

CVE-2025-9708

A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation.

Release Notes

kubernetes-client/csharp (KubernetesClient)

v17.0.14

What's Changed

New Contributors

Full Changelog: kubernetes-client/csharp@v17.0.4...v17.0.14

v17.0.4

What's Changed

Full Changelog: kubernetes-client/csharp@v16.0.7...v17.0.4

v16.0.7

What's Changed

New Contributors

Full Changelog: kubernetes-client/csharp@v16.0.6...v16.0.7

Configuration

📅 Schedule: Branch creation - "" in timezone Australia/Brisbane, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@Octobob Octobob requested a review from a team as a code owner September 17, 2025 22:07
@Octobob Octobob added dependencies Pull requests that update a dependency file Tentacle labels Sep 17, 2025
@APErebus APErebus requested a review from a team as a code owner September 17, 2025 23:47
@APErebus
Copy link
Contributor

This PR also bumps the supported and tested k8s versions

@APErebus APErebus enabled auto-merge (squash) September 18, 2025 00:03
@APErebus APErebus disabled auto-merge September 18, 2025 01:24
@APErebus APErebus changed the title chore(deps): update dependency kubernetesclient to v17 [security] Update supported Kubernetes versions and client library Sep 18, 2025
@APErebus APErebus enabled auto-merge (squash) September 18, 2025 02:56
@APErebus APErebus merged commit 7c69f3b into main Sep 18, 2025
49 checks passed
@APErebus APErebus deleted the renovate-dotnet/nuget-kubernetesclient-vulnerability branch September 18, 2025 03:23
@APErebus APErebus mentioned this pull request Sep 18, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@APErebus APErebus APErebus approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file Tentacle
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Octobob @APErebus @renovate-bot @eddymoulton