- [Server Binaries](#server-binaries-7)
    - [Node Binaries](#node-binaries-7)
  - [Changelog since v1.6.5](#changelog-since-v165)
    - [Action Required](#action-required)
    - [Other notable changes](#other-notable-changes-7)
- [v1.6.5](#v165)
  - [Known Issues for v1.6.5](#known-issues-for-v165)
  - [Downloads for v1.6.5](#downloads-for-v165)
    - [Client Binaries](#client-binaries-8)
    - [Server Binaries](#server-binaries-8)

	VPROLD $65, Z21, K7, Z14                           // 62b10d4f72cd41
	VPROLD $65, Z8, K7, Z14                            // 62d10d4f72c841
	VPROLD $65, 7(SI)(DI*8), K7, Z14                   // 62f10d4f728cfe0700000041
	VPROLD $65, -15(R14), K7, Z14                      // 62d10d4f728ef1ffffff41
	VPROLD $65, Z21, K7, Z15                           // 62b1054f72cd41

pkg syscall (darwin-arm64), const EFTYPE = 79
pkg syscall (darwin-arm64), const EFTYPE Errno
pkg syscall (darwin-arm64), const EHOSTDOWN = 64
pkg syscall (darwin-arm64), const EHOSTUNREACH = 65
pkg syscall (darwin-arm64), const EIDRM = 90
pkg syscall (darwin-arm64), const EILSEQ = 92
pkg syscall (darwin-arm64), const EINPROGRESS = 36
pkg syscall (darwin-arm64), const EINTR = 4

- cloud.google.com/go/documentai: v1.23.7
- cloud.google.com/go/domains: v0.9.4
- cloud.google.com/go/edgecontainer: v1.1.4
- cloud.google.com/go/errorreporting: v0.3.0
- cloud.google.com/go/essentialcontacts: v1.6.5
- cloud.google.com/go/eventarc: v1.13.3
- cloud.google.com/go/filestore: v1.8.0
- cloud.google.com/go/firestore: v1.14.0
- cloud.google.com/go/functions: v1.15.4
- cloud.google.com/go/gkebackup: v1.3.4

- cloud.google.com/go/documentai: v1.22.0 → v1.23.7
- cloud.google.com/go/domains: v0.9.1 → v0.9.4
- cloud.google.com/go/edgecontainer: v1.1.1 → v1.1.4
- cloud.google.com/go/essentialcontacts: v1.6.2 → v1.6.5
- cloud.google.com/go/eventarc: v1.13.0 → v1.13.3
- cloud.google.com/go/filestore: v1.7.1 → v1.8.0
- cloud.google.com/go/firestore: v1.12.0 → v1.14.0
- cloud.google.com/go/functions: v1.15.1 → v1.15.4

pkg syscall (netbsd-arm64-cgo), const EFTYPE = 79
pkg syscall (netbsd-arm64-cgo), const EFTYPE Errno
pkg syscall (netbsd-arm64-cgo), const EHOSTDOWN = 64
pkg syscall (netbsd-arm64-cgo), const EHOSTUNREACH = 65
pkg syscall (netbsd-arm64-cgo), const EIDRM = 82
pkg syscall (netbsd-arm64-cgo), const EILSEQ = 85
pkg syscall (netbsd-arm64-cgo), const EINPROGRESS = 36
pkg syscall (netbsd-arm64-cgo), const EINTR = 4

  - kube-apiserver v1.24.8
  - kube-apiserver v1.23.14
  - kube-apiserver v1.22.16

This vulnerability was reported by Richard Turnbull of NCC Group as part of the Kubernetes Audit


**CVSS Rating:** Medium (6.5) [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N](https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

### CVE-2022-3294: Node address isn't always verified when proxying

### Cloud Providers

* Azure: Container permissions for provisioned volumes have changed to private. If you have existing Azure volumes that were created by Kubernetes v1.6.0-v1.6.5, you should change the permissions on them manually. ([#47605](https://github.com/kubernetes/kubernetes/pull/47605), [@brendandburns](https://github.com/brendandburns))

  - kube-apiserver v1.24.8
  - kube-apiserver v1.23.14
  - kube-apiserver v1.22.16

This vulnerability was reported by Richard Turnbull of NCC Group as part of the Kubernetes Audit


**CVSS Rating:** Medium (6.5) [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N](https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

### CVE-2022-3294: Node address isn't always verified when proxying

  - kube-apiserver v1.20.6
  - kube-apiserver v1.19.10
  - kube-apiserver v1.18.18

This vulnerability was reported by Rogerio Bastos & Ari Lima from RedHat


**CVSS Rating:** Medium (6.5) [CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H](https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)

## Changes by Kind

### API Change