- [Node Binaries](#node-binaries-16)
- [Kubernetes v1.16.0 Release Notes](#kubernetes-v1160-release-notes)
  - [What’s New (Major Themes)](#what’s-new-major-themes)
    - [Additional Notable Feature Updates](#additional-notable-feature-updates)
  - [Known Issues](#known-issues)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes-1)

    - [Server Binaries](#server-binaries-4)
    - [Node Binaries](#node-binaries-4)
    - [Container Images](#container-images-4)
  - [Changelog since v1.32.0](#changelog-since-v1320)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Changes by Kind](#changes-by-kind-4)
    - [Deprecation](#deprecation)

- Service load balancers no longer exclude nodes marked unschedulable from the candidate nodes. The service load balancer exclusion label should be used instead.
  

### Upgrade Checklist

- Test all upgrades in a lower environment (DEV, QA, UAT) before applying to production. Performing blind upgrades in production environments carries significant risk.

    - [Server Binaries](#server-binaries-10)
    - [Node Binaries](#node-binaries-10)
- [Kubernetes v1.14 Release Notes](#kubernetes-v114-release-notes)
  - [1.14 What’s New](#114-whats-new)
  - [Known Issues](#known-issues-1)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Deprecations](#deprecations)

    - [Experimental Features](#experimental-features)
    - [Action Required](#action-required-2)
    - [Other notable changes](#other-notable-changes-12)
<!-- END MUNGE: GENERATED_TOC -->

<!-- NEW RELEASE NOTES ENTRY -->


# v1.5.8

[Documentation](https://docs.k8s.io) & [Examples](https://releases.k8s.io/release-1.5/examples)

## Downloads for v1.5.8


filename | sha256 hash
-------- | -----------

 * for comparisons. This class is not being deprecated, but we gently encourage you to migrate to
 * streams.
 *
 * <p><i>Performance notes:</i> Unless otherwise noted, all of the iterables produced in this class
 * are <i>lazy</i>, which means that their iterators only advance the backing iteration when
 * absolutely necessary.
 *
 * <p>See the Guava User Guide article on <a href=

  - [Changelog since v1.31.4](#changelog-since-v1314)
  - [Important Security Information](#important-security-information-2)
    - [CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API](#cve-2024-9042-command-injection-affecting-windows-nodes-via-nodeslogsquery-api)
  - [Changes by Kind](#changes-by-kind-7)
    - [API Change](#api-change)
    - [Feature](#feature-4)
    - [Bug or Regression](#bug-or-regression-7)

more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to be redirected to the API Server through its private network.

The merged fix enforces validation against the proxying address for a Node. In some cases, the fix can break clients that depend on the `nodes/proxy` subresource, specifically if a kubelet advertises a localhost...

  - Speed up binpacking by reducing the number of PreFilter calls (call once per pod instead of #pods*#nodes times)
  - Speed up finding unneeded nodes by 5x+ in very large clusters by reducing the number of PreFilter calls
  - Expose `--max-nodes-total` as a metric
  - Errors in `IncreaseSize` changed from type `apiError` to `cloudProviderError`