Skip to content

Kubernetes Ecosystem

Releases from the Kubernetes ecosystem — orchestration, Helm charts, operators, and cluster tooling.

Subscribe
All Breaking Security Features
Important Recent
← Releases
Upgrade now
portainer 2.39.3 Breaking risk
Auth RCE / SSRF Dependencies +1 more

SSRF fix + vulnerability patches

Open
Upgrade now
ArcadeData/arcadedb 26.6.1 Breaking risk
Auth RBAC RCE / SSRF +2 more

TLS HA, durability hardening, security fixes

Open
Review required
smolvm v0.8.2 Breaking risk
Auth Breaking upgrade

DNS enforcement + PTY hardening + VM lock fix

Open
Upgrade now
juju v4.0.11 Breaking risk
Dependencies

dqlite, Azure, storage, security, proxy

Open
Upgrade now
teleport v17.7.24 Breaking risk
Auth Dependencies

Installer, Connect, Azure join, Device trust, Keyspaces TLS, Windows LDAP

Open
Review required
etcd v3.6.12 Breaking risk
Breaking upgrade

Linux, macOS, Docker install updates

Open
v3.5.31 (2d) Installation updates
v3.4.45 (2d) Linux, macOS, Docker update
No immediate action
Maintenant v1.2.14 Breaking risk

Runtime degradation recovery

Open
LLMKube v0.8.1 Breaking risk
⚠ Upgrade required
  • After upgrading to v0.8.1, re‑apply all Agent CRs so existing Agents pick up explicit values for the new requestTimeoutSeconds and requestTurnTimeoutSeconds fields.
Breaking changes
  • Agent.spec.requestTimeoutSeconds now represents a loop-wide wall-clock budget (default 3600) instead of per-request HTTP timeout; the former behavior is moved to Agent.spec.requestTurnTimeoutSeconds (default 120). Re‑apply Agent CRs after upgrade.
Notable features
  • **inferenceservice:** adds typed spec.ropeScaling for RoPE/YaRN context extension
Config change
txn2/kubefwd v1.25.15 Breaking risk
Auth

API auth + multi-port recovery

Open
No immediate action
pipeline v1.13.0 Breaking risk

Resolver restriction + compression + timeout fix

Open
No immediate action
LXD v7.1.0 Breaking risk

Docs, network, QEMU, S3, TPM, performance

Open
sablier v1.13.0 Breaking risk
⚠ Upgrade required
  • Add sablier.idle.replicas=1 to existing workloads that previously relied on CPU/memory throttling via idle.cpu or idle.memory settings.
Breaking changes
  • sablier.idle.cpu and sablier.idle.memory no longer enable throttling without setting sablier.idle.replicas=1
Notable features
  • --auto-stop-externally-started flag added
  • OpenTelemetry distributed tracing support added
  • SSE instance events endpoint (api) added
Upgrade now
dokku v0.38.7 Breaking risk
RCE / SSRF

Shell‑injection fix + image recovery + HTTP/2 deprecation warning

Open
Config change
mcp-context-forge v1.0.2 Breaking risk
Auth RCE / SSRF Breaking upgrade

Admin UI rewrite + DB migrations + security

Open
Review required
dagger v0.21.0 Breaking risk
Auth RBAC

DagQL cache migration + checks + lockfiles

Open
Config change
Eclipse Che 7.118.0 Breaking risk
Auth

Prometheus auto‑setup, session warning, SSH handler, bug fixes

Open
No immediate action
dokku v0.38.6 Breaking risk

Clarify encoded config set

Open
Config change
xpipe 23.0 Breaking risk
Auth

GPG update + RDP/VNC tabbing + SSH cert

Open
Review required
teleport v18.8.2 Breaking risk
Auth RBAC

tsh fixes + Connect recall + Windows conflicts

Open
Review required
juju v3.6.23 Breaking risk
Dependencies

Storage API refactor + features + bugfixes

Open
Upgrade now
portainer 2.42.0 Breaking risk
Dependencies Breaking upgrade

CSRF removal + new UI + security fixes

Open
Upgrade now
bunkerweb v1.6.10 Breaking risk
Auth RBAC Dependencies +2 more

Security + feature updates

Open
No immediate action
pulumi v3.241.0 Breaking risk

JSON outputs + schedule/webhook/drift/audit-policy/Insights features

Open

Beta — feedback welcome: [email protected]