precision without overflow. Rounding uses IEEE 754 round-to-even rules but with an IEEE
negative zero further simplified to an unsigned zero. Note that constant values never result
in an IEEE negative zero, NaN, or infinity.
</li>

<li>
<code>T</code> is a complex type, and <code>x</code>'s

  // not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
  // a shell, you need to explicitly call out to that shell.
  // Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
  // +optional
  repeated string command = 1;
}

// Represents a Fibre Channel volume.
// Fibre Channel volumes can only be mounted as read/write once.

**Affected Versions**:
  - kubelet >= v1.8.0

**Fixed Versions**:
  - kubelet v1.28.4
  - kubelet v1.27.8
  - kubelet v1.26.11
  - kubelet v1.25.16

This vulnerability was reported by Tomer Peled @tomerpeled92"


**CVSS Rating:** High (7.2) [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

## Changes by Kind

pkg syscall (darwin-arm64), const IPV6_FW_GET = 34
pkg syscall (darwin-arm64), const IPV6_FW_GET ideal-int
pkg syscall (darwin-arm64), const IPV6_FW_ZERO = 33
pkg syscall (darwin-arm64), const IPV6_FW_ZERO ideal-int
pkg syscall (darwin-arm64), const IPV6_HLIMDEC = 1
pkg syscall (darwin-arm64), const IPV6_HLIMDEC ideal-int
pkg syscall (darwin-arm64), const IPV6_IPSEC_POLICY = 28

* Fixed crash in kubectl cp when path has multiple leading slashes. ([#58144](https://github.com/kubernetes/kubernetes/pull/58144), [@tomerf](https://github.com/tomerf))

- `VolumeBindingArgs` now allow `BindTimeoutSeconds` to be set as zero, while the value zero indicates no waiting for the checking of volume binding operation. ([#99835](https://github.com/kubernetes/kubernetes/pull/99835), [@chendave](https://github.com/chendave)) [SIG Scheduling and Storage]

**Affected Versions**:
  - kubelet >= v1.8.0

**Fixed Versions**:
  - kubelet v1.28.4
  - kubelet v1.27.8
  - kubelet v1.26.11
  - kubelet v1.25.16

This vulnerability was reported by Tomer Peled @tomerpeled92"


**CVSS Rating:** High (7.2) [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

## Changes by Kind

**Affected Versions**:
  - kubelet >= v1.8.0

**Fixed Versions**:
  - kubelet v1.28.4
  - kubelet v1.27.8
  - kubelet v1.26.11
  - kubelet v1.25.16

This vulnerability was reported by Tomer Peled @tomerpeled92"


**CVSS Rating:** High (7.2) [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

## Changes by Kind

*   A new service annotation `service.beta.kubernetes.io/azure-dns-label-name` now sets the Azure DNS label for a public IP address. ([#47849](https://github.com/kubernetes/kubernetes/pull/47849),[ @tomerf](https://github.com/tomerf))

 ([#64792](https://github.com/kubernetes/kubernetes/pull/64792), [@luxas](https://github.com/luxas))