chore(deps): update module k8s.io/kubernetes to v1.27.16 [security]

[renovate-rancher]

This PR contains the following updates:

Package	Type	Update	Change
k8s.io/kubernetes	replace	patch	v1.27.10 -> v1.27.16

GitHub Vulnerability Alerts

CVE-2024-3177

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.

CVE-2024-5321

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

---

Release Notes

kubernetes/kubernetes (k8s.io/kubernetes)

v1.27.16: Kubernetes v1.27.16

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.27.15: Kubernetes v1.27.15

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.27.14: Kubernetes v1.27.14

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.27.13: Kubernetes v1.27.13

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.27.12: Kubernetes v1.27.12

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.27.11: Kubernetes v1.27.11

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[renovate-rancher]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 6 additional dependencies were updated

Details:

Package	Change
golang.org/x/sys	v0.16.0 -> v0.18.0
github.com/golang/protobuf	v1.5.3 -> v1.5.4
golang.org/x/crypto	v0.16.0 -> v0.21.0
golang.org/x/net	v0.19.0 -> v0.23.0
golang.org/x/term	v0.15.0 -> v0.18.0
google.golang.org/protobuf	v1.32.0 -> v1.33.0

[pjbgf]

Closing in favour of #210.

[renovate-rancher]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.27.16). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.