ResourceClass, PodScheduling) must be deleted. The changes are internal, so
  YAML files which create pods and resource claims don't need changes except for
  the newer `apiVersion`. ([#116299](https://github.com/kubernetes/kubernetes/pull/116299), [@pohly](https://github.com/pohly))

            "type": "string"
          }
        },
        "required": [
          "pathType",

            "type": "string"
          },
          "endpointsNamespace": {
            "description": "endpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod",
            "type": "string"
          },

- Fix a panic when using invalid output format in kubectl create secret command ([#107347](https://github.com/kubernetes/kubernetes/pull/107347), [@rikatz](https://github.com/rikatz)) [SIG CLI]

### CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

**Affected Versions**:

/Alphanumeric.class package org.junit.runner.manipulation; public final synchronized class Alphanumeric extends Sorter implements Ordering$Factory { private static final java.util.Comparator COMPARATOR; public void Alphanumeric(); public Ordering create(Ordering$Context); static void <clinit>(); } org/junit/runner/manipulation/Filter$1.class package org.junit.runner.manipulation; final synchronized class Filter$1 extends Filter { void Filter$1(); public boolean shouldRun(org.junit.runner.Description);...

### CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

**Affected Versions**:

        "properties": {
          "clusterRoleSelectors": {
            "description": "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added",
            "items": {
              "allOf": [
                {

If you used to rely on this behavior, now you should create the resources for background tasks inside the background task itself, and use internally only data that doesn't depend on the resources of dependencies with `yield`.

external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin...