Thalassa Cloud Thalassa Cloud
Sign in Sign up

Kubernetes v1.34.2-0 and v1.33.6-0: Security Fixes and Component Updates

kubernetes security
2025-11-17
By Thalassa Cloud
We’re announcing two new Kubernetes releases in Thalassa Cloud: v1.34.2-0 and v1.33.6-0. These releases include security fixes that address high-severity vulnerabilities in runc, along with important component updates and stability improvements. Critical Security Fixes Both releases include runc 1.3.3, which fixes three high-severity security vulnerabilities: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 These vulnerabilities could allow full container breakouts by bypassing runc’s restrictions for writing to arbitrary /proc files. We recommend upgrading your clusters to these versions as soon as possible to mitigate these security risks.
Read article

Topics

Latest Posts

RSS Feed
2025-10-05

Block Volume Snapshots and Snapshot Policies

We recently introduced Block Volume Snapshots and Snapshot Policies in Thalassa Cloud. This adds simple, reliable data protection and recovery workflows for your IaaS workloads without disrupting running applications. Snapshots is one of the core building blocks for operating modern cloud services in a safe manner. I.g. quickly restoring or cloning a database, or for additional back up strategies. What are Block Volume Snapshots? Block Volume Snapshots are point‑in‑time, incremental copies of a Block Volume.
2025-09-29

Pod Security Standards: Practical Hardening for Kubernetes

Pod Security Standards (PSS) are a low‑friction way to harden clusters by default. With Pod Security Admission (PSA), you can enforce least‑privilege at the namespace level and prevent risky pods from ever being created. It’s simple, auditable, and fits cleanly into GitOps. Improving your security posture Implementing Pod Security Standards is crucial as it helps reduce the blast radius by blocking privilege escalation and host-level access. It allows teams to catch misconfigurations early during the admission phase rather than after deployments, ensuring issues are addressed promptly.
2025-09-20

VPC‑Only Access for Kubernetes Clusters

We’ve added support for VPC‑only access to Kubernetes control planes. When enabled, the cluster’s public API endpoint is disabled and the Kubernetes API is reachable only from within your Virtual Private Cloud. This helps teams meet stricter security and compliance requirements without sacrificing operational access. VPC-only access is valuable for DevOps teams because it boosts security by removing the internet-facing API endpoint, which reduces the attack surface. It also makes network rules and identity limits clearer by using your VPC as the boundary.
2025-08-28

Beyond IaaS: Why European Cloud Providers Must Build More Than Basic Infrastructure

European businesses need more than just basic IaaS like virtual machines and storage. These basics are important, but they don’t meet the complex needs of modern applications. To compete globally and keep data within Europe, businesses require a platform with advanced services. Thalassa Cloud goes beyond traditional IaaS by offering a platform with advanced services for modern applications. It provides European businesses with the tools needed for cloud-native applications, ensuring both advanced features and compliance.
2025-08-14

Kubernetes v1.33.4-0 and v1.32.8-0: Security Fixes and Component Updates

We’re excited to announce the release of two new Kubernetes versions in Thalassa Cloud: v1.33.4-0 and v1.32.8-0. These releases bring security fixes, component updates, and enhanced stability for your Kubernetes workloads. Security Fixes Both releases address a medium security vulnerability: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource.
2025-08-08

Building KMS and Secret Manager for the Dutch Cloud

We’re excited to announce that we’re building Key Management Service (KMS) and Secret Manager for Thalassa Cloud. These security services will provide the foundation for secure application development on our Dutch public cloud platform. Why We’re Building These Services Modern cloud-native applications need more than just basic infrastructure. They require robust security & Encryption services that integrate seamlessly with your development workflow. While we already offer IaaS, Kubernetes as a Service and databases, we’re expanding our platform to include the fine graind encryption services.
2025-08-05

How Thalassa Realised a Full European Cloud Platform in Just 6 Months

While European cloud legislation evolves rapidly, Thalassa Cloud proves that technological innovation doesn’t need to take years. In just six months, we have built a fully functional cloud platform that competes with American hyperscalers on multiple fronts, and even exceeds them in transparency, control, and sovereignty. From Vision to Reality: A Complete Cloud Platform Since inception, we’ve delivered a versatile cloud platform offering IaaS, PaaS, KaaS, and DBaaS. Our technology is available for public and private clouds, as well as turnkey and white-label solutions for partners.