# 4.13.23 Created: 2023-11-16 13:05:12 +0000 UTC Image Digest: `sha256:b2e0ff69918b845d1a1a6c503b764facbfb34afffc64b5dcfb798a385a8f4af5` Promoted from registry.ci.openshift.org/ocp-arm64/release-arm64:4.13.0-0.nightly-arm64-2023-11-15-174608 ## Changes from 4.13.22 ### Components * Kubernetes 1.26.9 * Red Hat Enterprise Linux CoreOS upgraded from 413.92.202311061658-0 to 413.92.202311151359-0 ### Rebuilt images without code change * [agent-installer-api-server](https://github.com/openshift/assisted-service) git [06189bcd](https://github.com/openshift/assisted-service/commit/06189bcdb0bea068f8ac51a3550fcdcbde522a76) `sha256:8b8a8fdb394931585793c899f2eff684dc6ac838e267b6e7cf8d4ca4f55ac337` * [agent-installer-csr-approver](https://github.com/openshift/assisted-installer) git [edf25423](https://github.com/openshift/assisted-installer/commit/edf25423e34294b754ac16a67dbaf1aed7467ca4) `sha256:9d40243e5bdf2fda691e0d2b0ec1e9bd84ec0197f8d98a3cf20a0f31f8809b32` * [driver-toolkit](https://github.com/openshift/driver-toolkit) git [d719bdcf](https://github.com/openshift/driver-toolkit/commit/d719bdcfa49bc18b729117ee513a86a1ddecb63a) `sha256:9437ccf659c1a99594a0d5321aa2f6a230c15066b6e04efed60380a163646c6d` * [ironic-machine-os-downloader](https://github.com/openshift/ironic-rhcos-downloader) git [ce291779](https://github.com/openshift/ironic-rhcos-downloader/commit/ce2917794de5723248fe3302c8833f89fb54265a) `sha256:fd09397bec07720584104e68418e7102881748f6270fc5fef4ae36578aaf011e` * machine-os-content `sha256:43f956b509c955aba8f5df22e7aa662a4c7de10494d3e726c155eb29b332d1af` * [machine-os-images](https://github.com/openshift/machine-os-images) git [b14856ff](https://github.com/openshift/machine-os-images/commit/b14856ffbc8fbe1f986cf1b7b835bbeaa786ce5e) `sha256:0764a59f307b8b8e4a531fefe6782805ce78353cbd06e86496fb7fbcb2c30049` * [must-gather](https://github.com/openshift/must-gather) git [288ef2fc](https://github.com/openshift/must-gather/commit/288ef2fcfe63cbfab0af69a41b508c044ee890aa) `sha256:bec65cb3fea65f8bb2d42e487d5592e29bf220955136fe1aa94a6c75076b6260` * [network-tools](https://github.com/openshift/network-tools) git [073feda1](https://github.com/openshift/network-tools/commit/073feda14fbd894c4238d693afa38a06392f2360) `sha256:520b3b787a38cdc8610e040e38c56e82956524dc363844a0f43f8d14af1b82bc` * [ovn-kubernetes-rhel-9](https://github.com/openshift/ovn-kubernetes) git [cfe89e5a](https://github.com/openshift/ovn-kubernetes/commit/cfe89e5a298b402df4323de38df1597be3c546a4) `sha256:5af7c01c6ca4a0a8ebe0fa43fc27cccd0f314ac7a4baa3c9f664e7ef588c60e0` * rhel-coreos `sha256:efe2a1dcd41cf8f6254313c08e8547da39b93c790ab5e66f56922b9eb6c7a9c9` * rhel-coreos-extensions `sha256:0b873053674ee4b976b047f15ed8288b4022b377b14099cfc340d9c8935f6895` * [sdn](https://github.com/openshift/sdn) git [f86266b2](https://github.com/openshift/sdn/commit/f86266b225c316e8c676894e5499fc6d8294d967) `sha256:346b40f3dfe72def74d5dffe3d74260b1c016475181e9d4a94db57f728fd29d1` ### [aws-pod-identity-webhook](https://github.com/openshift/aws-pod-identity-webhook/tree/ee0fcde48c1122eeb59b2dedaa5e603fbe33812f) * NO-ISSUE: Sync OWNERS with team members [#177](https://github.com/openshift/aws-pod-identity-webhook/pull/177) * [Full changelog](https://github.com/openshift/aws-pod-identity-webhook/compare/1955d5cf4ebb21a4296dd76ca0a7455a6528c945...ee0fcde48c1122eeb59b2dedaa5e603fbe33812f) ### [azure-disk-csi-driver](https://github.com/openshift/azure-disk-csi-driver/tree/b6d3fbcbf312f03247092323a88a43873b693f22) * [OCPBUGS-23216](https://issues.redhat.com/browse/OCPBUGS-23216): Update to v1.26.7 [#63](https://github.com/openshift/azure-disk-csi-driver/pull/63) * [Full changelog](https://github.com/openshift/azure-disk-csi-driver/compare/9251edb7ba225155e9df56938c9e2975523ecf50...b6d3fbcbf312f03247092323a88a43873b693f22) ### [baremetal-installer, installer, installer-artifacts](https://github.com/openshift/installer/tree/2a5bc79ec57d71969420af6a7043273f90f775a8) * [OCPBUGS-23141](https://issues.redhat.com/browse/OCPBUGS-23141): Specify google cloud CLI to version 447.0.0 [#7706](https://github.com/openshift/installer/pull/7706) * [OCPBUGS-22939](https://issues.redhat.com/browse/OCPBUGS-22939): azure: validation: validate defaultMachinePlatform [#7679](https://github.com/openshift/installer/pull/7679) * [Full changelog](https://github.com/openshift/installer/compare/6b4d38d4b3a2f2f6cf6a80efde08ca799cb2bfc6...2a5bc79ec57d71969420af6a7043273f90f775a8) ### [baremetal-runtimecfg](https://github.com/openshift/baremetal-runtimecfg/tree/9ec12d4d61545bc27481f86aecfec99367996910) * [OCPBUGS-22207](https://issues.redhat.com/browse/OCPBUGS-22207): deps: upgrade x/sys [#282](https://github.com/openshift/baremetal-runtimecfg/pull/282) * [Full changelog](https://github.com/openshift/baremetal-runtimecfg/compare/1bfd3bca2b8fb38a33cf9e250fe0eeb66bcd5341...9ec12d4d61545bc27481f86aecfec99367996910) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/c7c6eb21da5c5b9f813ea09a21aa3e7226206993) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add OAuth2 Authorization Code Grant Flow for login [#1599](https://github.com/openshift/oc/pull/1599) * [OCPBUGS-22815](https://issues.redhat.com/browse/OCPBUGS-22815): regeneratemco: explicitly check for PlatformStatus field [#1593](https://github.com/openshift/oc/pull/1593) * [Full changelog](https://github.com/openshift/oc/compare/717d4a58931ec44cacd43af6dbc5eded5e8a9ab5...c7c6eb21da5c5b9f813ea09a21aa3e7226206993) ### [cluster-authentication-operator](https://github.com/openshift/cluster-authentication-operator/tree/2b2f67cf68ad52b362d51e4fcfc2f8aa98e4b929) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add openshift-cli-client OAuth Client [#641](https://github.com/openshift/cluster-authentication-operator/pull/641) * [Full changelog](https://github.com/openshift/cluster-authentication-operator/compare/2c226ab9da430d772c69ed5099d41d38cc09ba3f...2b2f67cf68ad52b362d51e4fcfc2f8aa98e4b929) ### [cluster-capi-operator](https://github.com/openshift/cluster-capi-operator/tree/b247793dd364f280ad097f5266b4164740e43a44) * [OCPBUGS-21082](https://issues.redhat.com/browse/OCPBUGS-21082): bump golang.org/x/net to v0.17.0 [#137](https://github.com/openshift/cluster-capi-operator/pull/137) * [Full changelog](https://github.com/openshift/cluster-capi-operator/compare/ce1c9a359ec9ab0c5526cd8594ea59bb52044026...b247793dd364f280ad097f5266b4164740e43a44) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/44b4cadbd5c606b0ebc4785b200ff9932d0b1ed9) * [OCPBUGS-22783](https://issues.redhat.com/browse/OCPBUGS-22783): relax readiness to local serializable requests [#1144](https://github.com/openshift/cluster-etcd-operator/pull/1144) * [OCPBUGS-23044](https://issues.redhat.com/browse/OCPBUGS-23044): remove revision stability check from bootstrap complet… [#1151](https://github.com/openshift/cluster-etcd-operator/pull/1151) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/da6a70c4510b7f5e6afa457f026da40f5c4478e6...44b4cadbd5c606b0ebc4785b200ff9932d0b1ed9) ### [cluster-kube-apiserver-operator](https://github.com/openshift/cluster-kube-apiserver-operator/tree/2b2d2d899781939ee57b1d26e59fef606d8603ed) * : OCPBUGS-20880: bump library-go to include switch to HTTP/1.1 [#1573](https://github.com/openshift/cluster-kube-apiserver-operator/pull/1573) * [Full changelog](https://github.com/openshift/cluster-kube-apiserver-operator/compare/d525f5d788e2a8bbf7dd01902084c3587d32a58f...2b2d2d899781939ee57b1d26e59fef606d8603ed) ### [cluster-kube-scheduler-operator](https://github.com/openshift/cluster-kube-scheduler-operator/tree/60e35d65863edfecd97ba0d57fc4fc21c4a20cfa) * [OCPBUGS-21811](https://issues.redhat.com/browse/OCPBUGS-21811): Bump deps to address CVE-2023-44487 [#502](https://github.com/openshift/cluster-kube-scheduler-operator/pull/502) * [Full changelog](https://github.com/openshift/cluster-kube-scheduler-operator/compare/b4c50a4d65f6971abeed1da815aac038d8700715...60e35d65863edfecd97ba0d57fc4fc21c4a20cfa) ### [cluster-kube-storage-version-migrator-operator](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/tree/721de5d64083b17c22f6b784bb2c78af39d7b3b0) * : OCPBUGS-21355: bump library-go to include switch to HTTP/1.1 [#97](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/pull/97) * [Full changelog](https://github.com/openshift/cluster-kube-storage-version-migrator-operator/compare/9f475980d1e6a70f0e9400aec6f15e5f5a6132b6...721de5d64083b17c22f6b784bb2c78af39d7b3b0) ### [cluster-monitoring-operator](https://github.com/openshift/cluster-monitoring-operator/tree/034a99edfa2cba2b0a0483ce387c767090d3984c) * [OCPBUGS-22920](https://issues.redhat.com/browse/OCPBUGS-22920): jsonnet: pin commits [#2144](https://github.com/openshift/cluster-monitoring-operator/pull/2144) * [Full changelog](https://github.com/openshift/cluster-monitoring-operator/compare/5b1888edbda4cd51719f84630312df096ab5864c...034a99edfa2cba2b0a0483ce387c767090d3984c) ### [cluster-node-tuning-operator](https://github.com/openshift/cluster-node-tuning-operator/tree/05a417a71fb3ecccabe58ab98e139d245f619be1) * Disable HTTP/2 for webhook and metrics servers (#846) [#846](https://github.com/openshift/cluster-node-tuning-operator/pull/846) * [Full changelog](https://github.com/openshift/cluster-node-tuning-operator/compare/f2360b3c7ba350578074e4cf6d92c805ca199d89...05a417a71fb3ecccabe58ab98e139d245f619be1) ### [cluster-policy-controller](https://github.com/openshift/cluster-policy-controller/tree/3b0d075530fdbfdacdfe574151a3313f5231459c) * [OCPBUGS-21103](https://issues.redhat.com/browse/OCPBUGS-21103): Bump deps to address CVE-2023-44487 [4.13] [#135](https://github.com/openshift/cluster-policy-controller/pull/135) * [Full changelog](https://github.com/openshift/cluster-policy-controller/compare/8d2af85d0b6dcf09256bd9fecc5d36ac77bc41d1...3b0d075530fdbfdacdfe574151a3313f5231459c) ### [console](https://github.com/openshift/console/tree/31c90a0bc143ce7d37893a3e3c90eefb2f4197ec) * [OCPBUGS-23065](https://issues.redhat.com/browse/OCPBUGS-23065): remove expandable toggle for conditional update risk d… [#13316](https://github.com/openshift/console/pull/13316) * [Full changelog](https://github.com/openshift/console/compare/e4f50339fa9aa34d216f4c402cc78c0734331d08...31c90a0bc143ce7d37893a3e3c90eefb2f4197ec) ### [container-networking-plugins](https://github.com/openshift/containernetworking-plugins/tree/614ca3c35e1847f38f0f427c04a064cd31ac5002) * [OCPBUGS-20594](https://issues.redhat.com/browse/OCPBUGS-20594): build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 [backport 4.13] [#130](https://github.com/openshift/containernetworking-plugins/pull/130) * [Full changelog](https://github.com/openshift/containernetworking-plugins/compare/dbf24deae8df2b7ccc4c468fddcbb4a19214afa5...614ca3c35e1847f38f0f427c04a064cd31ac5002) ### [csi-driver-shared-resource, csi-driver-shared-resource-webhook](https://github.com/openshift/csi-driver-shared-resource/tree/d1900f9fd234753f73cd9c720e1f98825edb6d51) * [OCPBUGS-23116](https://issues.redhat.com/browse/OCPBUGS-23116): Should reference configmaps instead of secrets [#153](https://github.com/openshift/csi-driver-shared-resource/pull/153) * [Full changelog](https://github.com/openshift/csi-driver-shared-resource/compare/9724dcf486c1699ca7117318b9c74f408fdc495d...d1900f9fd234753f73cd9c720e1f98825edb6d51) ### [docker-builder](https://github.com/openshift/builder/tree/0155fb1876cd809c97b46dff0660931046ab6076) * [OCPBUGS-22468](https://issues.redhat.com/browse/OCPBUGS-22468): [release-4.13] Bump github.com/sigstore/rekor [#374](https://github.com/openshift/builder/pull/374) * [Full changelog](https://github.com/openshift/builder/compare/9ff92619c755cfbc69444d43275f57a33400d8e1...0155fb1876cd809c97b46dff0660931046ab6076) ### [gcp-cluster-api-controllers](https://github.com/openshift/cluster-api-provider-gcp/tree/b8a2772574aacf16a998ff7c7ba24000eff60d07) * [OCPBUGS-21398](https://issues.redhat.com/browse/OCPBUGS-21398): Bump golang.org/x/net to v0.17.0 [#204](https://github.com/openshift/cluster-api-provider-gcp/pull/204) * [Full changelog](https://github.com/openshift/cluster-api-provider-gcp/compare/eaeccca9082e1c02ad3422ff49e69cc595bd2ec6...b8a2772574aacf16a998ff7c7ba24000eff60d07) ### [insights-operator](https://github.com/openshift/insights-operator/tree/0e04329a08ff18aa3b2f3fb0bb066d89ec284158) * [OCPBUGS-22953](https://issues.redhat.com/browse/OCPBUGS-22953): create Prometheus rules programmatically according the… (#860) [#860](https://github.com/openshift/insights-operator/pull/860) * [Full changelog](https://github.com/openshift/insights-operator/compare/6de3e6fd27e038541844b1611489a048c181552a...0e04329a08ff18aa3b2f3fb0bb066d89ec284158) ### [ironic](https://github.com/openshift/ironic-image/tree/c1780223e2090e18dc35b45f731cf4e40b7cf894) * [OCPBUGS-19078](https://issues.redhat.com/browse/OCPBUGS-19078): Handle Eject DVD 4.13 [#416](https://github.com/openshift/ironic-image/pull/416) * [OCPBUGS-23072](https://issues.redhat.com/browse/OCPBUGS-23072): Use bash process substitution instead of pipe [#413](https://github.com/openshift/ironic-image/pull/413) * [Full changelog](https://github.com/openshift/ironic-image/compare/fc1cca95711797767336878bfb9e2e4b9801ecfa...c1780223e2090e18dc35b45f731cf4e40b7cf894) ### [kube-state-metrics](https://github.com/openshift/kube-state-metrics/tree/fd791df54d7271c1611090505509a03454168689) * [OCPBUGS-20778](https://issues.redhat.com/browse/OCPBUGS-20778): bump x/net to v0.17.0 [#102](https://github.com/openshift/kube-state-metrics/pull/102) * [Full changelog](https://github.com/openshift/kube-state-metrics/compare/4b9698489404f06195ba8a4646d58d67e13501d4...fd791df54d7271c1611090505509a03454168689) ### [multus-admission-controller](https://github.com/openshift/multus-admission-controller/tree/9b0656af8316420bf05a7d3a0969feded615ed64) * [OCPBUGS-21353](https://issues.redhat.com/browse/OCPBUGS-21353): Update go.mod for CVE-2023-39325 [Release-4.13] [#72](https://github.com/openshift/multus-admission-controller/pull/72) * [Full changelog](https://github.com/openshift/multus-admission-controller/compare/f76d674edb07d7006f04748338c1013499c0e7ab...9b0656af8316420bf05a7d3a0969feded615ed64) ### [multus-cni](https://github.com/openshift/multus-cni/tree/906067fdbf94800efb89895b38ae037947a12b46) * [OCPBUGS-21076](https://issues.redhat.com/browse/OCPBUGS-21076): Update go.mod for CVE-2023-39325 [Release-4.13] [#195](https://github.com/openshift/multus-cni/pull/195) * [Full changelog](https://github.com/openshift/multus-cni/compare/bb616eff56bf0b71ad85009360231f4686a6e4a9...906067fdbf94800efb89895b38ae037947a12b46) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/7176ab75edaf6328bb1da06ba55378815271d218) * [OCPBUGS-21438](https://issues.redhat.com/browse/OCPBUGS-21438): Update go.mod for CVE-2023-39325 (#35) [#35](https://github.com/openshift/multus-networkpolicy/pull/35) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/7b99c194d5d2b092a64dc7b8673ef96a399cc7a8...7176ab75edaf6328bb1da06ba55378815271d218) ### [network-metrics-daemon](https://github.com/openshift/network-metrics-daemon/tree/ff460fbae0d9537b05e38b6402fd390136235482) * Update the k8s dependencies to 1.26.10 (#83) [#83](https://github.com/openshift/network-metrics-daemon/pull/83) * [Full changelog](https://github.com/openshift/network-metrics-daemon/compare/e72c8ad1581132817c09e23295f55425a14a5c58...ff460fbae0d9537b05e38b6402fd390136235482) ### [oauth-server](https://github.com/openshift/oauth-server/tree/eb54be281d8f215a6eaa6e10ed1b303c7d064bac) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): update osin to latest version [#139](https://github.com/openshift/oauth-server/pull/139) * [Full changelog](https://github.com/openshift/oauth-server/compare/b841149f2ec0c1ffcb0393e6f70b1e4547f3b18e...eb54be281d8f215a6eaa6e10ed1b303c7d064bac) ### [ovirt-csi-driver](https://github.com/openshift/ovirt-csi-driver/tree/54958deb4998e08696af0abe3585486a6b5b6800) * [OCPBUGS-23155](https://issues.redhat.com/browse/OCPBUGS-23155): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#130](https://github.com/openshift/ovirt-csi-driver/pull/130) * [Full changelog](https://github.com/openshift/ovirt-csi-driver/compare/f21b470f4927f97eca93a0a390cffccd7d724043...54958deb4998e08696af0abe3585486a6b5b6800) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/b293972fe2c5eef4262130de621e75e5d0c37d8e) * [OCPBUGS-23241](https://issues.redhat.com/browse/OCPBUGS-23241): CVE-2023-44487: bump golang.org/x/net to v0.17.0 [#127](https://github.com/openshift/ovirt-csi-driver-operator/pull/127) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/aca579dfc9aa1921849f9573f5179fcb2bf89f28...b293972fe2c5eef4262130de621e75e5d0c37d8e) ### [tests](https://github.com/openshift/origin/tree/99b9d537a935e6446ba1fcd55e9a5b5ba090820a) * [AUTH-443](https://issues.redhat.com/browse/AUTH-443): Add oauth-server redirect URI validation e2e tests [#28396](https://github.com/openshift/origin/pull/28396) * [Full changelog](https://github.com/openshift/origin/compare/4b36925d62ba1174f2105cb826f0b3d2a9bff71c...99b9d537a935e6446ba1fcd55e9a5b5ba090820a)