## Changelog since v1.21.4

## Important Security Information

This release contains changes that address the following vulnerabilities:

### CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access

A security issue was discovered in Kubernetes where a user may be able to

9. The Free Software Foundation may publish revised and/or new
versions of the General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.

Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any

    /** The key of the message: {item} is invalid {type} barcode. */
    public static final String CONSTRAINTS_EAN_MESSAGE = "{constraints.EAN.message}";

    /** The key of the message: {item} is not a well-formed email address. */
    public static final String CONSTRAINTS_Email_MESSAGE = "{constraints.Email.message}";

    /** The key of the message: Length of {item} must be between {min} and {max}. */

    assertThat(parse("http://%5B%3A%3A1%5D/").host).isEqualTo("::1")
  }

  @Test
  fun hostIpv6AddressDifferentFormats() {
    // Multiple representations of the same address; see http://tools.ietf.org/html/rfc5952.
    val a3 = "2001:db8::1:0:0:1"
    assertThat(parse("http://[2001:db8:0:0:1:0:0:1]").host).isEqualTo(a3)
    assertThat(parse("http://[2001:0db8:0:0:1:0:0:1]").host).isEqualTo(a3)

				anonCmdLine = strings.ReplaceAll(anonCmdLine, globalMinioConsoleHost, "server1")
			}
			return anonCmdLine
		}

		// Server start command regex groups:
		// 1 - minio server
		// 2 - flags e.g. `--address :9000 --certs-dir /etc/minio/certs`
		// 3 - pool args e.g. `https://node{01...16}.domain/data/disk{001...204} https://node{17...32}.domain/data/disk{001...204}`

    * An ip address is required for the cache instance to listen for requests on, default is a link local ip address of value 169.254.20.10
* Fix dry-run output in kubectl apply --prune ([#69344](https://github.com/kubernetes/kubernetes/pull/69344), [@zegl](https://github.com/zegl))

* GCE Windows nodes will rely solely on kubernetes and kube-proxy (and not the GCE agent) for network address management. ([#75855](https://github.com/kubernetes/kubernetes/pull/75855), [@pjh](https://github.com/pjh))

"value":""},{"key":"table","value":""},{"key":"queue_dir","value":""},{"key":"queue_limit","value":"0"},{"key":"max_open_connections","value":"2"}]},"notify_redis":{"_":[{"key":"enable","value":"off"},{"key":"format","value":"namespace"},{"key":"address","value":""},{"key":"key","value":""},{"key":"password","value":""},{"key":"user","value":""},{"key":"queue_dir","value":""},{"key":"queue_limit","value":"0"}]},"notify_webhook":{"_":[{"key":"enable","value":"off"},{"key":"endpoint","value":""},{...

Kubeadm: add the deprecated flag --port=0 to kube-controller-manager and kube-scheduler manifests to disable insecure serving. Without this flag the components by default serve (e.g. /metrics) insecurely on the default node interface (controlled by --address). Users that wish to override this behavior and enable insecure serving can pass a custom --port=X via kubeadm's "extraArgs" mechanic for these components. ([#92720](https://github.com/kubernetes/kubernetes/pull/92720), [@neolit123](https://github.com/neolit123))...

                * `url`: (`str`) A URL pointing to the contact information. MUST be in
                    the format of a URL.
                * `email`: (`str`) The email address of the contact person/organization.
                    MUST be in the format of an email address.

                It will be added to the generated OpenAPI (e.g. visible at `/docs`).

                Read more at the