* Make logdump support kubemark and support gke with 'use_custom_instance_list' ([#51834](https://github.com/kubernetes/kubernetes/pull/51834), [@shyamjvs](https://github.com/shyamjvs))
* Fix credentials providers for docker sandbox image. ([#51870](https://github.com/kubernetes/kubernetes/pull/51870), [@feiskyer](https://github.com/feiskyer))



# v1.6.10

pro.cy pro.ec pro.fj pro.ht pro.in pro.mv pro.na pro.om pro.pr pro.tt pro.typeform.com pro.vn prochowice.pl prod production.aero productions prof prof.pr profesional.bo progressive project.museum promo properties property protection protonet.io pru prudential pruszkow.pl prvcy.page przeworsk.pl ps psc.br psi.br psp.gov.pl psse.gov.pl pstmn.io pt pt.eu.org pt.it pu.it pub pub.instances.scw.cloud pub.sa publ.pt public-inquiry.uk public.museum publishproxy.com pubol.museum pubtls.org pueblo.bo pug.it puglia.it...

endMacroDef(); public final Class getTypeDef(String); public final void setFileResolver(FileResolver); static void <clinit>(); } org/apache/ivy/util/Credentials.class package org.apache.ivy.util; public final synchronized class Credentials { private String realm; private String host; private String userName; private String passwd; public void Credentials(String, String, String, String); public final String getPasswd(); public final String getUserName(); public static String buildKey(String, String);...

 - CSINode initialization does not crash kubelet on startup when APIServer is not reachable or kubelet has not the right credentials yet. ([#89589](https://github.com/kubernetes/kubernetes/pull/89589), [@jsafrane](https://github.com/jsafrane)) [SIG Storage]

left: -10px;\n  padding: 5px;\n  position: absolute;\n  top: -25px;\n  z-index: 10;\n}\n\n.lockscreen-image > img {\n  border-radius: 50%;\n  height: 70px;\n  width: 70px;\n}\n\n.lockscreen-credentials {\n  margin-left: 70px;\n}\n\n.lockscreen-credentials .form-control {\n  border: 0;\n}\n\n.lockscreen-credentials .btn {\n  background-color: #fff;\n  border: 0;\n  padding: 0 10px;\n}\n\n.lockscreen-footer {\n  margin-top: 10px;\n}\n\n.dark-mode .lockscreen-item {\n  background-color: #343a40;\n}\n\n.dark-mode...

:-25px;z-index:10}.lockscreen-image>img{border-radius:50%;height:70px;width:70px}.lockscreen-credentials{margin-left:70px}.lockscreen-credentials .form-control{border:0}.lockscreen-credentials .btn{background-color:#fff;border:0;padding:0 10px}.lockscreen-footer{margin-top:10px}.dark-mode .lockscreen-item{background-color:#343a40}.dark-mode .lockscreen-logo a{color:#fff}.dark-mode .lockscreen-credentials .btn{background-color:#343a40}.dark-mode .lockscreen-image{background-color:#6c757d}.login-l...

A security issue was discovered in kube-apiserver that could allow an attacker controlled aggregated API server to redirect client traffic to any URL.  This could lead to the client performing unexpected actions as well as leaking the client's credentials to third parties. 

There is no mitigation from this issue.  Cluster admins should take care to secure aggregated API servers and should not grant access to mutate `APIService`s to untrusted parties.