assertFailsWith<IOException> {
      getResponse(newRequest("/foo"))
    }.also { expected ->
      when (expected) {
        is SSLHandshakeException -> {
          // Allow conscrypt to fail in different ways
          if (!platform.isConscrypt()) {
            assertThat(expected.cause!!).isInstanceOf<CertificateException>()
          }
        }
        is TlsFatalAlert -> {}
        else -> throw expected

	c.Assert(err, nil)
	// Asserting the response status for expected value of http.StatusOK.
	c.Assert(response.StatusCode, http.StatusOK)
}

// TestContentTypePersists - Object upload with different Content-type is first done.
// And then a HEAD and GET request on these objects are done to validate if the same Content-Type set during upload persists.
func (s *TestSuiteCommon) TestContentTypePersists(c *check) {

### Bug or Regression

- Fix a scheduler preemption issue where the victim pod was not deleted due to incorrect status patching. This issue occurred when the preemptor and victim pods had different QoS classes in their status, causing the preemption to fail entirely. ([#126694](https://github.com/kubernetes/kubernetes/pull/126694), [@Huang-Wei](https://github.com/Huang-Wei)) [SIG Scheduling]

* Azure file persistent volumes can use a new `secretNamespace` field to reference a secret in a different namespace than the one containing their bound persistent volume claim. The azure file persistent volume provisioner honors a corresponding `secretNamespace` storage class parameter to determine where to place secrets containing the storage account...

- For volumes that allow attaches across multiple nodes, attach and detach operations across different nodes are now executed in parallel. ([#89240](https://github.com/kubernetes/kubernetes/pull/89240), [@verult](https://github.com/verult)) [SIG Apps, Node and Storage]

### CVE-2022-3162: Unauthorized read of Custom Resources

A security issue was discovered in Kubernetes where users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group they are not authorized to read.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3
  - kube-apiserver v1.24.0 - v1.24.7
  - kube-apiserver v1.23.0 - v1.23.13

| // +--------- // | Random Number | // +--------- // | | // | ... | // | | // +--------- // The common components(signatureR, signatureS, hashedMessage, privateKey and // random number) each takes block size of bytes. The block size is different for // different curves and is set by canUseKDSA function. var params [4096]byte // Copy content into the parameter block. In the sign case, // we copy hashed message, private key and random number into // the parameter block. We skip the signature slots....

### CVE-2022-3162: Unauthorized read of Custom Resources

A security issue was discovered in Kubernetes where users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group they are not authorized to read.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3
  - kube-apiserver v1.24.0 - v1.24.7
  - kube-apiserver v1.23.0 - v1.23.13

### Bug or Regression

- Fix a scheduler preemption issue where the victim pod was not deleted due to incorrect status patching. This issue occurred when the preemptor and victim pods had different QoS classes in their status, causing the preemption to fail entirely. ([#126695](https://github.com/kubernetes/kubernetes/pull/126695), [@Huang-Wei](https://github.com/Huang-Wei)) [SIG Scheduling]

| // +--------- // | Random Number | // +--------- // | | // | ... | // | | // +--------- // The common components(signatureR, signatureS, hashedMessage, privateKey and // random number) each takes block size of bytes. The block size is different for // different curves and is set by canUseKDSA function. var params [4096]byte // Copy content into the parameter block. In the sign case, // we copy hashed message, private key and random number into // the parameter block. We skip the signature slots....