A flaw has been detected in Kubernetes which allows privilege escalation and access to sensitive information in all Kubernetes deployments, including Tectonic. This vulnerability existed in all versions of Kubernetes since 1.2. Vulnerable versions of Tectonic Platform allow for complete exploitation of all pods running on a compute node to which a pod is scheduled with normal user privilege.
As the year comes to a close, Kubernetes contributors, our engineers included, have been hard at work to bring you the final release of 2018: Kubernetes 1.13. In recognition of the achievements the community has made this year, and the looming holiday season, we shift our focuses towards presenting this work to the world at large.
Today, we celebrate this week’s release of Kubernetes 1.12, which brings a lot of incremental feature enhancements and bug fixes across the release that help close issues encountered by enterprises adopting modern containerized systems. Each release cycle, we’re frequently asked about the theme of the release. There are always exciting enhancements to highlight, but an important theme to note is trust and stability.