Advanced Profiling
------------------

Android Studio’s Advanced Profiling feature rewrites OkHttp bytecode for instrumentation.
Unfortunately it crashes on OkHttp 4.x’s bytecode. Until [Google’s bug][advanced_profiling_bug] is
fixed you must disable advanced profiling in Android Studio.

![Disable Advanced Profiling](../assets/images/******@****.***)


R8 / ProGuard
-------------

			// compatibility.
			//
			// However, this splitting increases header size and can introduce errors, unlike Go’s
			// mime package in MinIO, which correctly encodes strings with fixed B/Q encodings,
			// avoiding S3’s heuristic-driven issues.
			//
			// For MinIO developers, decode S3 metadata with mime.WordDecoder, validate outputs,

    if (e is InterruptedIOException) {
      return e is SocketTimeoutException && !requestSendStarted
    }

    // Look for known client-side or negotiation errors that are unlikely to be fixed by trying
    // again with a different route.
    if (e is SSLHandshakeException) {
      // If the problem was a CertificateException from the X509TrustManager,
      // do not retry.

* Fixes the panic that occurs in the federation controller manager when registering a GKE cluster to the federation. Fixes issue [#30790](https://github.com/kubernetes/kubernetes/pull/30790). ([#30940](https://github.com/kubernetes/kubernetes/pull/30940), [@madhusudancs](https://github.com/madhusudancs))

  * Fixes issue that caused apply to revert changes made by edit

#### Bug fixes
* Fixed --save-config in create subcommand to save the annotation ([#40289](https://github.com/kubernetes/kubernetes/pull/40289), [@xilabao](https://github.com/xilabao))

This release also introduces several vulnerability fixes:

*   Fixes an FPE in TFLite in conv kernel [CVE-2023-27579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27579)

                new MetadataStaxWriter().write(out, metadata.getDelegate());
            } catch (IOException | XMLStreamException e) {
                String msg = "Could not write fixed metadata to " + metadataFile + ": " + e.getMessage();
                if (getLogger().isDebugEnabled()) {
                    getLogger().warn(msg, e);
                } else {
                    getLogger().warn(msg);

* The `password`.
* An optional `scope` field as a big string, composed of strings separated by spaces.
* An optional `grant_type`.

/// tip

The OAuth2 spec actually *requires* a field `grant_type` with a fixed value of `password`, but `OAuth2PasswordRequestForm` doesn't enforce it.

If you need to enforce it, use `OAuth2PasswordRequestFormStrict` instead of `OAuth2PasswordRequestForm`.

///

  - Whether this vulnerability is public or known to third parties. If it is,
    please provide details.

We will try to fix the problems as soon as possible. Vulnerabilities will, in
general, be batched to be fixed at the same time as a quarterly release. We
credit reporters for identifying security issues, although we keep your name
confidential if you request it. Please see Google Bug Hunters program website

     * We also lock on a given project to forbid a forked lifecycle to be executed concurrently with the project.
     * TODO: ideally, the builder should take care of the ordering in a smarter way
     * TODO: and concurrency issues fixed with MNG-7157
     */
    protected class ProjectLock implements NoExceptionCloseable {
        final Lock acquiredAggregatorLock;
        final OwnerReentrantLock acquiredProjectLock;