Thalassa Cloud
We’re announcing two new Kubernetes releases in Thalassa Cloud: v1.34.2-0 and v1.33.6-0. These releases include security fixes that address high-severity vulnerabilities in runc, along with important component updates and stability improvements.
Both releases include runc 1.3.3, which fixes three high-severity security vulnerabilities:
These vulnerabilities could allow full container breakouts by bypassing runc’s restrictions for writing to arbitrary /proc files. We recommend upgrading your clusters to these versions as soon as possible to mitigate these security risks. For more details, see the runc 1.3.3 release notes.
The tcloud kubernetes versions command lists all available Kubernetes versions in Thalassa Cloud, along with their component versions and release information. Refer to this table to select a version for new deployments or to confirm that runc 1.3.3 (with security patches) is included in your cluster version.
❯ tcloud kubernetes versions
ID NAME KUBERNETES CONTAINERD RUNC AGE
k8sv-d4dnjqb5hnac739n8vpg v1.33.5-2 1.33.5 2.1.4 1.3.3 23 hours ago
k8sv-d4dnjqb5hnac739n8vng v1.33.6-0 1.33.6 2.1.4 1.3.3 23 hours ago
k8sv-d4dnjqb5hnac739n8vjg v1.34.1-8 1.34.1 2.1.4 1.3.3 23 hours ago
You can use tcloud kubernetes upgrade --version v1.34.2-1 to upgrade your Kubernetes cluster to the new version.
Please ensure you also patch your node pools.
These releases are immediately available for new cluster deployments. Clusters with scheduled upgrade configurations will be upgraded automatically during their maintenance windows. If you don’t have a maintenance schedule configured, you can initiate the upgrade immediately through the Console, API, or Terraform.
