Accepting request 1093893 from devel:kubic

OBS-URL: https://build.opensuse.org/request/show/1093893
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/kubernetes1.24?expand=0&rev=10

kubernetes-1.24.13.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d2fc11b5507d225184a56aa4b226bb08c8c8265261facba1224186ec69ac385d
-size 253555726

kubernetes1.24.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Jun 20 07:00:47 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
+
+- remove: kube-apiserver-admission-plugin-policy.patch 
+  * patch included upstream in the v1.24.15 patch version release
+- remove: kubernetes1.24.13.obscpio 
+
 -------------------------------------------------------------------
 Thu Jun 15 11:24:49 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
 
@@ -47,6 +54,14 @@ Mon Jun 12 04:55:15 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
   * Skip mount point checks when possible during mount cleanup.
   * Return error for localhost seccomp type with no localhost profile defined
 
+-------------------------------------------------------------------
+Thu Jun  8 04:42:55 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
+Security Patch Fix for CVE-2023-2727 (bsc#1211630) and CVE-2023-2728 (bsc#1211631)
+* added patch: kube-apiserver-admission-plugin-policy.patch
+* this new kube-apiserver component patch prevents ephemeral containers:
+  ** from using an image that is restricted by ImagePolicyWebhook (CVE-2023-2727)
+  ** from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin (CVE-2023-2728) 
+
 -------------------------------------------------------------------
 Thu Apr 27 11:52:05 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
 

kubernetes1.24.spec

@@ -73,6 +73,7 @@ for management and discovery.
 
 
 
+
 # packages to build containerized control plane
 
 %package apiserver