* 8`, so the class files from that build can't express nestmates. Thus, when those class files
   * are used from Java 9 or higher (i.e., high enough to trigger the VarHandle code path), such a
   * lookup would fail with an IllegalAccessException. That may then trigger use of Unsafe (possibly
   * with a warning under recent JVMs), or it may fall back even further to

    if (isTeredoAddress(ip)) {
      return false;
    }

    byte[] bytes = ip.getAddress();

    if ((bytes[8] | (byte) 0x03) != (byte) 0x03) {

      // Verify that high byte of the 64 bit identifier is zero, modulo
      // the U/L and G bits, with which we are not concerned.
      return false;
    }

import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

/**
 * An [RFC 6265](http://tools.ietf.org/html/rfc6265) Cookie.
 *
 * This class doesn't support additional attributes on cookies, like
 * [Chromium's Priority=HIGH extension][chromium_extension].
 *
 * [chromium_extension]: https://code.google.com/p/chromium/issues/detail?id=232693
 */
@Suppress("NAME_SHADOWING")
class Cookie private constructor(

    if (requestMethod != "GET" && requestMethod != "QUERY") {
      // Don't cache non-GET and non-QUERY responses. We're technically allowed to cache HEAD
      // requests and some POST requests, but the complexity of doing so is high and the benefit
      // is low.
      return null
    }

    if (response.hasVaryAll()) {
      return null
    }

    val entry = Entry(response)
    var editor: DiskLruCache.Editor? = null

it can be within reason.\n * Discussion here: https://github.com/FezVrasta/popper.js/pull/715\n *\n * Low DPI screens cause a popper to be blurry if not using full pixels (Safari\n * as well on High DPI screens).\n *\n * Firefox prefers no rounding for positioning and does not have blurriness on\n * high DPI screens.\n *\n * Only horizontal placement and left/right values need to be considered.\n */\nexport default function getRoundedOffsets(data, shouldRound) {\n  const { popper, reference } = data.offsets;\n...

### Bug or Regression

- Fix: get azure disk lun timeout issue ([#88158](https://github.com/kubernetes/kubernetes/pull/88158), [@andyzhangx](https://github.com/andyzhangx)) [SIG Cloud Provider and Storage]
- Fixed `threadSafeMap` high memory usage caused by indices that have churn of high-cardinality keys. E.g. namespaces ([#88005](https://github.com/kubernetes/kubernetes/pull/88005), [@patrickshan](https://github.com/patrickshan)) [SIG API Machinery]

    Castle is great! But it's a large dependency (6.5 MiB) and its security provider feature
    impacts VM-wide behavior.

 *  New: Reduce contention for applications that make a very high number of concurrent requests.
    Previously OkHttp used its connection pool as a lock when making changes to connections and
    calls. With this change each connection is locked independently.

   * resizing.
   *
   * @throws IllegalArgumentException if {@code size} is negative
   */
  @J2ktIncompatible
  public static ByteArrayDataOutput newDataOutput(int size) {
    // When called at high frequency, boxing size generates too much garbage,
    // so avoid doing that if we can.
    if (size < 0) {
      throw new IllegalArgumentException(String.format("Invalid size: %s", size));
    }

**Fixed Versions**:
  - kubelet v1.28.4
  - kubelet v1.27.8
  - kubelet v1.26.11
  - kubelet v1.25.16

This vulnerability was reported by Tomer Peled @tomerpeled92"


**CVSS Rating:** High (7.2) [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

## Changes by Kind

### API Change