eks-distro-fips-1.28
Chainguard
Status
Impact
kubernetes-1.28 is EOL. Upstream maintainers would need to patch 1.28 in order to address issue with newer version of kubernetes package. Issue can be mitigated by setting the ContainerCheckpoint feature gate to false in your kubelet configuration, disabling the kubelet read-only port, and limiting access to the kubelet API, or upgrading to a fixed version listed below, which enforces authentication for the kubelet Checkpoint API. Upgrading to a newer version addresses the issue. See https://github.com/kubernetes/kubernetes/issues/130016
Status