- Kubeadm: fixed a bug during kubeadm upgrade, where it is not possible to mount a new device and create a symbolic link for /etc/kubernetes (or a sub-directory) so that kubeadm stores its information on the mounted device. ([#123406](https://github.com/kubernetes/kubernetes/pull/123406), [@SataQiu](https://github.com/SataQiu))

    * An ip address is required for the cache instance to listen for requests on, default is a link local ip address of value 169.254.20.10
* Fix dry-run output in kubectl apply --prune ([#69344](https://github.com/kubernetes/kubernetes/pull/69344), [@zegl](https://github.com/zegl))

* kubeadm: fix a bug related to volume unmount if the kubelet run directory is a symbolic link ([#77507](https://github.com/kubernetes/kubernetes/pull/77507), [@cuericlee](https://github.com/cuericlee))
* n/a ([#78059](https://github.com/kubernetes/kubernetes/pull/78059), [@figo](https://github.com/figo))

pkg container/list, type List struct
pkg container/ring, func New(int) *Ring
pkg container/ring, method (*Ring) Do(func(interface{}))
pkg container/ring, method (*Ring) Len() int
pkg container/ring, method (*Ring) Link(*Ring) *Ring
pkg container/ring, method (*Ring) Move(int) *Ring
pkg container/ring, method (*Ring) Next() *Ring
pkg container/ring, method (*Ring) Prev() *Ring
pkg container/ring, method (*Ring) Unlink(int) *Ring

### Documentation

- Fix ALPHA stability level reference link ([#98641](https://github.com/kubernetes/kubernetes/pull/98641), [@Jeffwan](https://github.com/Jeffwan)) [SIG Auth, Cloud Provider, Instrumentation and Storage]

### Failing Test

project. The module is, however, dual licensed under OpenSSL and // # CRYPTOGAMS licenses depending on where you obtain it. For further // # details see http://www.openssl.org/~appro/cryptogams/. // # ========== // Original code can be found at the link below: // https://github.com/dot-asm/cryptogams/blob/master/ppc/aesp8-ppc.pl // Some function names were changed to be consistent with Go function // names. For instance, function aes_p8_set_{en,de}crypt_key become // set{En,De}cryptKeyAsm. I also...

enumerations or code snippets that are not further specified. The character <code>…</code>
(as opposed to the three characters <code>...</code>) is not a token of the Go
language.
</p>

<p>
A link of the form [<a href="#Language_versions">Go 1.xx</a>] indicates that a described
language feature (or some aspect of it) was changed or added with language version 1.xx and
thus requires at minimum that language version to build.

The merged fix enforces validation against the proxying address for a Node. In some cases, the fix can break clients that depend on the `nodes/proxy` subresource, specifically if a kubelet advertises a localhost or link-local address to the Kubernetes control plane. Configuring an egress proxy for egress to the cluster network can also mitigate this vulnerability.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3