- `kind: "AdmissionReview"` is required
  - `response.uid: "<value of request.uid>"` is required
  - `response.patchType: "JSONPatch"` is required (if `response.patch` is set) ([#80231](https://github.com/kubernetes/kubernetes/pull/80231), [@liggitt](https://github.com/liggitt))
- The `CustomResourceDefinition` API type is promoted to `apiextensions.k8s.io/v1` with the following changes:

    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
    - [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)
    - [Am I vulnerable?](#am-i-vulnerable)
      - [Affected Versions](#affected-versions)

    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
    - [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)
  - [Changes by Kind](#changes-by-kind-6)
    - [Bug or Regression](#bug-or-regression-6)
  - [Dependencies](#dependencies-6)

    - [Node Binaries](#node-binaries-4)
  - [Changelog since v1.20.10](#changelog-since-v12010)
  - [Important Security Information](#important-security-information)
    - [CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access](#cve-2021-25741-symlink-exchange-can-allow-host-filesystem-access)
  - [Changes by Kind](#changes-by-kind-4)
    - [Bug or Regression](#bug-or-regression-4)

### SIG Autoscaling

- Horizontal Pod Autoscaler default update interval has been increased from 30s to 15s, improving HPA reaction time for metric changes. ([#68021](https://github.com/kubernetes/kubernetes/pull/68021), [@krzysztof-jastrzebski](https://github.com/krzysztof-jastrzebski))

    - [Node Binaries](#node-binaries-9)
  - [Changelog since v1.21.4](#changelog-since-v1214)
  - [Important Security Information](#important-security-information)
    - [CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access](#cve-2021-25741-symlink-exchange-can-allow-host-filesystem-access)
  - [Changes by Kind](#changes-by-kind-8)
    - [Feature](#feature-6)
    - [Bug or Regression](#bug-or-regression-8)

    * Remove deprecated and unmaintained openstack-heat kube-up.sh.  ([#58021](https://github.com/kubernetes/kubernetes/pull/58021), [@mikedanese](https://github.com/mikedanese))

    * Remove deprecated vagrant kube-up.sh. ([#58118](https://github.com/kubernetes/kubernetes/pull/58118),[@roberthbailey](https://github.com/roberthbailey))

    - [Node binaries](#node-binaries-2)
  - [Changelog since v1.18.17](#changelog-since-v11817)
  - [Important Security Information](#important-security-information)
    - [CVE-2021-25735: Validating Admission Webhook does not observe some previous fields](#cve-2021-25735-validating-admission-webhook-does-not-observe-some-previous-fields)
  - [Changes by Kind](#changes-by-kind-2)
    - [API Change](#api-change-1)
    - [Feature](#feature)

    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
    - [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)
    - [Am I vulnerable?](#am-i-vulnerable)
      - [Affected Versions](#affected-versions)

pkg syscall (netbsd-arm64-cgo), const ETHER_PPPOE_ENCAP_LEN = 8
pkg syscall (netbsd-arm64-cgo), const ETHER_PPPOE_ENCAP_LEN ideal-int
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_8023 = 4
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_8023 ideal-int
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_AARP = 33011
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_AARP ideal-int
pkg syscall (netbsd-arm64-cgo), const ETHERTYPE_ACCTON = 33680