- [Changelog since v1.23.10](#changelog-since-v12310)
  - [Important Security Information](#important-security-information-1)
    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
    - [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)

- Support for Windows container images (OS Versions: 1809, 1903, 1909, 2004) was added to the pause:3.4 image. ([#91452](https://github.com/kubernetes/kubernetes/pull/91452), [@claudiubelu](https://github.com/claudiubelu)) [SIG Node, Release and Windows]

herself, as well as she could for sneezing.

  There was certainly too much of it in the air.  Even the
Duchess sneezed occasionally; and as for the baby, it was
sneezing and howling alternately without a moment's pause.  The
only things in the kitchen that did not sneeze, were the cook,
and a large cat which was sitting on the hearth and grinning from
ear to ear.

  `Please would you tell me,' said Alice, a little timidly, for

- Kubeadm now respects the custom image registry configuration across joins and upgrades. Kubeadm passes the custom registry to the kubelet for a custom pause container. ([#70603](https://github.com/kubernetes/kubernetes/pull/70603), [@chuckha](https://github.com/chuckha))

herself, as well as she could for sneezing.

  There was certainly too much of it in the air.  Even the
Duchess sneezed occasionally; and as for the baby, it was
sneezing and howling alternately without a moment's pause.  The
only things in the kitchen that did not sneeze, were the cook,
and a large cat which was sitting on the hearth and grinning from
ear to ear.

  `Please would you tell me,' said Alice, a little timidly, for

    * request a client certificate from the API server during the boot cycle and pause
    * waiting for the request to be satisfied. It will continually refresh the certificate
    * as the certificates expiration approaches.

- Fixed a data race in kubelet image manager that can cause static pod workers to silently stop working. ([#88915](https://github.com/kubernetes/kubernetes/pull/88915), [@roycaihw](https://github.com/roycaihw)) [SIG Node]

  - [Changelog since v1.22.13](#changelog-since-v12213)
  - [Important Security Information](#important-security-information-1)
    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)
    - [CVE-2021-25749: <code>runAsNonRoot</code> logic bypass for Windows containers](#cve-2021-25749-runasnonroot-logic-bypass-for-windows-containers)

- kubeadm: Pull sidecar and dnsmasq-nanny images when using kube-dns ([#66499](https://github.com/kubernetes/kubernetes/pull/66499), [@rosti](https://github.com/rosti))
- kubeadm: Fix pause image to not use architecture, as it is a manifest list ([#65920](https://github.com/kubernetes/kubernetes/pull/65920), [@dims](https://github.com/dims))

Aber dann, auch wenn Sie Ihre Burger noch nicht haben, ist Ihre Interaktion mit dem Kassierer erst mal „auf Pause“ ⏸, weil Sie warten müssen 🕙, bis Ihre Burger fertig sind.