*   Fixes a missing validation which causes denial of service via `DeleteSessionTensor` ([CVE-2022-29194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29194))
*   Fixes a missing validation which causes denial of service via `GetSessionTensor` ([CVE-2022-29191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29191))

implement, and therefore security issues deriving from their absence are not
considered a vulnerability in TensorFlow.

### Resource allocation

A denial of service caused by one model could bring down the entire server, but
we don't consider this as a vulnerability, given that models can exhaust
resources in many different ways and solutions exist to prevent this from

    - [Container Images](#container-images-9)
  - [Changelog since v1.32.1](#changelog-since-v1321)
  - [Important Security Information](#important-security-information-2)
    - [CVE-2025-0426: Node Denial of Service via Kubelet Checkpoint API](#cve-2025-0426-node-denial-of-service-via-kubelet-checkpoint-api)
  - [Changes by Kind](#changes-by-kind-9)
    - [Feature](#feature-6)
    - [Bug or Regression](#bug-or-regression-9)

    - [Container Images](#container-images-8)
  - [Changelog since v1.31.5](#changelog-since-v1315)
  - [Important Security Information](#important-security-information-1)
    - [CVE-2025-0426: Node Denial of Service via Kubelet Checkpoint API](#cve-2025-0426-node-denial-of-service-via-kubelet-checkpoint-api)
  - [Changes by Kind](#changes-by-kind-8)
    - [Feature](#feature-5)
    - [Bug or Regression](#bug-or-regression-8)

    - [Container Images](#container-images-4)
  - [Changelog since v1.30.9](#changelog-since-v1309)
  - [Important Security Information](#important-security-information)
    - [CVE-2025-0426: Node Denial of Service via Kubelet Checkpoint API](#cve-2025-0426-node-denial-of-service-via-kubelet-checkpoint-api)
  - [Changes by Kind](#changes-by-kind-4)
    - [Feature](#feature-2)
    - [Bug or Regression](#bug-or-regression-3)

  `You did!' said the Hatter.

  `I deny it!' said the March Hare.

  `He denies it,' said the King:  `leave out that part.'

  `Well, at any rate, the Dormouse said--' the Hatter went on,
looking anxiously round to see if he would deny it too:  but the
Dormouse denied nothing, being fast asleep.

  `After that,' continued the Hatter, `I cut some more bread-
and-butter--'

### Other (Cleanup or Flake)

- Build: Update Debian base images
  - debian-base:v2.1.3
  - debian-iptables:v12.1.2
  - debian-hyperkube-base:v1.1.3 ([#93924](https://github.com/kubernetes/kubernetes/pull/93924), [@justaugustus](https://github.com/justaugustus)) [SIG API Machinery, Cluster Lifecycle and Release]

	AssertEqual(t, err, nil)

	defVal, ok := columnType.DefaultValue()
	AssertEqual(t, defVal, "null")
	AssertEqual(t, ok, true)

	columnType2, err := findColumnType(tableName, "active")
	AssertEqual(t, err, nil)

	defVal, ok = columnType2.DefaultValue()
	bv, _ := strconv.ParseBool(defVal)
	AssertEqual(t, bv, false)
	AssertEqual(t, ok, true)

### Other (Cleanup or Flake)

- Build: Update Debian base images
  - debian-base:v2.1.3
  - debian-iptables:v12.1.2
  - debian-hyperkube-base:v1.1.3 ([#93754](https://github.com/kubernetes/kubernetes/pull/93754), [@justaugustus](https://github.com/justaugustus)) [SIG API Machinery, Cluster Lifecycle, Release and Testing]

### Other (Cleanup or Flake)

- Added basic Denial Of Service prevention for the the node-local kubelet `podresource` API ([#116459](https://github.com/kubernetes/kubernetes/pull/116459), [@ffromani](https://github.com/ffromani)) [SIG Node and Testing]