- Fix `kubectl` alpha debug node does not work on tainted(NoExecute) nodes and tolerate everything. ([#98431](https://github.com/kubernetes/kubernetes/pull/98431), [@wawa0210](https://github.com/wawa0210))

* User can now use `sudo crictl` on GCE cluster. ([#65389](https://github.com/kubernetes/kubernetes/pull/65389), [@Random-Liu](https://github.com/Random-Liu))
* Tolerate missing watch permission when deleting a resource ([#65370](https://github.com/kubernetes/kubernetes/pull/65370), [@deads2k](https://github.com/deads2k))

fips140.RecordApproved() checkApprovedHash(hash) // Note that while we don't commit to deterministic execution with respect // to the rand stream, we also don't apply MaybeReadByte, so per Hyrum's Law // it's probably relied upon by some. It's a tolerable promise because a // well-specified number of random bytes is included in the signature, in a // well-specified way. if saltLength < 0 { return nil, errors.New("crypto/rsa: salt length cannot be negative") } // FIPS 186-5, Section 5.4(g): "the length...

fips140.RecordApproved() checkApprovedHash(hash) // Note that while we don't commit to deterministic execution with respect // to the rand stream, we also never applied MaybeReadByte, so per Hyrum's // Law it's probably relied upon by some. It's a tolerable promise because a // well-specified number of random bytes is included in the signature, in a // well-specified way. if saltLength < 0 { return nil, errors.New("crypto/rsa: salt length cannot be negative") } // FIPS 186-5, Section 5.4(g): "the length...