Kubeadm: add the deprecated flag --port=0 to kube-controller-manager and kube-scheduler manifests to disable insecure serving. Without this flag the components by default serve (e.g. /metrics) insecurely on the default node interface (controlled by --address). Users that wish to override this behavior and enable insecure serving can pass a custom --port=X via kubeadm's "extraArgs" mechanic for these components. ([#92720](https://github.com/kubernetes/kubernetes/pull/92720), [@neolit123](https://github.com/neolit123))...

* kubectl "rm" will suggest using "delete"; "ps" and "list" will suggest "get". ([#25181](https://github.com/kubernetes/kubernetes/pull/25181), [@janetkuo](https://github.com/janetkuo))
* Add IPv6 address support for pods - does NOT include services ([#23090](https://github.com/kubernetes/kubernetes/pull/23090), [@tgraf](https://github.com/tgraf))

- GCE Windows nodes will rely solely on kubernetes and kube-proxy (and not the GCE agent) for network address management. ([#75855](https://github.com/kubernetes/kubernetes/pull/75855), [@pjh](https://github.com/pjh))

## Changelog since v1.28.11

## Important Security Information

This release contains changes that address the following vulnerabilities:

### CVE-2024-5321: Incorrect permissions on Windows containers logs

A security issue was discovered in Kubernetes clusters with Windows nodes

    setUp(protocol)
    server.enqueue(
      MockResponse(
        code = HttpURLConnection.HTTP_UNAUTHORIZED,
        headers = headersOf("www-authenticate", "Basic realm=\"protected area\""),
        body = "Please authenticate.",
      ),
    )
    server.enqueue(
      MockResponse(body = "Successful auth!"),
    )
    val credential = basic("username", "password")
    client =

        });
    }

    /**
     * Creates an HTTP client for connecting to the search engine.
     *
     * @param fessConfig the Fess configuration
     * @param host       the search engine host address
     * @return the configured HTTP client
     */
    protected Client createHttpClient(final FessConfig fessConfig, final String host) {
        final String[] hosts =

pkg net/mail, method (*Address) String() string
pkg net/mail, method (Header) AddressList(string) ([]*Address, error)
pkg net/mail, method (Header) Date() (time.Time, error)
pkg net/mail, method (Header) Get(string) string
pkg net/mail, type Address struct
pkg net/mail, type Address struct, Address string
pkg net/mail, type Address struct, Name string
pkg net/mail, type Header map[string][]string

mouse--a mouse--O mouse!'  The Mouse looked at her rather
inquisitively, and seemed to her to wink with one of its little
eyes, but it said nothing.

  `Perhaps it doesn't understand English,' thought Alice; `I
daresay it's a French mouse, come over with William the
Conqueror.'  (For, with all her knowledge of history, Alice had
no very clear notion how long ago anything had happened.)  So she

## Changelog since v1.26.10

## Important Security Information

This release contains changes that address the following vulnerabilities:

### CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

bottom:1rem}abbr[data-original-title],abbr[title]{text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;cursor:help;border-bottom:0;-webkit-text-decoration-skip-ink:none;text-decoration-skip-ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}dl,ol,ul{margin-top:0;margin-bottom:1rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}dt{font-weight:700}dd{margin-bottom:.5rem;margin-left:0}blockquote{margin:0 0 1rem}b,strong{font-weight:bold...