* support them). All optional multimap methods are supported, and all returned views are
 * modifiable.
 *
 * <p>This class is not threadsafe when any concurrent operations update the multimap. Concurrent
 * read operations will work correctly. To allow concurrent update operations, wrap your multimap
 * with a call to {@link Multimaps#synchronizedSortedSetMultimap}.
 *
 * <p>See the Guava User Guide article on <a href=

        }
      }

      /**
       * Returns an input stream containing one or more certificate PEM files. This implementation just
       * embeds the PEM files in Java strings; most applications will instead read this from a resource
       * file that gets bundled with the application.
       */
      private fun trustedCertificatesInputStream(): InputStream {
        ... // Full source omitted. See sample.
      }

		if err := copyLocalDir(dst, src); err != nil {
			return "", err
		}
	}

	if underGoRoot {
		// Copy timezone file.
		//
		// Typical apps have the zoneinfo.zip in the root of their app bundle,
		// read by the time package as the working directory at initialization.
		// As we move the working directory to the GOROOT pkg directory, we
		// install the zoneinfo.zip file in the pkgpath.
		err := cp(

			item, eErr := store.Get(key)
			if eErr != nil {
				t.Fatal("Failed to Get the item from the queue store ", eErr)
			}
			if !reflect.DeepEqual(testItem, item) {
				t.Fatalf("Failed to read the item: error: expected = %v, got = %v", testItem, item)
			}
		}
	} else {
		t.Fatalf("List() Expected: 10, got %d", len(itemKeys))
	}
}

// TestQueueStoreDel - tests for store.Del

    - [Node binaries](#node-binaries-7)
  - [Changelog since v1.17.8](#changelog-since-v1178)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Changes by Kind](#changes-by-kind-8)
    - [Bug or Regression](#bug-or-regression-7)
  - [Dependencies](#dependencies-8)
    - [Added](#added-8)

### CVE-2022-3162: Unauthorized read of Custom Resources

A security issue was discovered in Kubernetes where users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group they are not authorized to read.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3

actions: # - "s3:CreateBucket" # - "s3:DeleteBucket" # - "s3:GetBucketLocation" # - "s3:ListBucket" # - "s3:ListBucketMultipartU" ## readonlyexamplepolic policy grants access to buckets with name starting with example. ## In addition, grants objects read permissions on buckets starting with example. # - name: readonlyexamplepolic # statements: # - resources: # - 'arn:aws:s3:::example*/*' # actions: # - "s3:GetObject" # - resources: # - 'arn:aws:s3:::example*' # actions: # - "s3:GetBucketLocation" #...

actions: # - "s3:CreateBucket" # - "s3:DeleteBucket" # - "s3:GetBucketLocation" # - "s3:ListBucket" # - "s3:ListBucketMultipartU" ## readonlyexamplepolic policy grants access to buckets with name starting with example. ## In addition, grants objects read permissions on buckets starting with example. # - name: readonlyexamplepolic # statements: # - resources: # - 'arn:aws:s3:::example*/*' # actions: # - "s3:GetObject" # - resources: # - 'arn:aws:s3:::example*' # actions: # - "s3:GetBucketLocation" #...

actions: # - "s3:CreateBucket" # - "s3:DeleteBucket" # - "s3:GetBucketLocation" # - "s3:ListBucket" # - "s3:ListBucketMultipartU" ## readonlyexamplepolic policy grants access to buckets with name starting with example. ## In addition, grants objects read permissions on buckets starting with example. # - name: readonlyexamplepolic # statements: # - resources: # - 'arn:aws:s3:::example*/*' # actions: # - "s3:GetObject" # - resources: # - 'arn:aws:s3:::example*' # actions: # - "s3:GetBucketLocation" #...

This release contains changes that address the following vulnerabilities:

### CVE-2022-3162: Unauthorized read of Custom Resources

A security issue was discovered in Kubernetes where users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group they are not authorized to read.

**Affected Versions**:
  - kube-apiserver v1.25.0 - v1.25.3