1.34 version change log
View information of version changes for major, minor, and patch updates that are available for your IBM Cloud® Kubernetes Service clusters that run this version. Changes include updates to Kubernetes and IBM Cloud Provider components.
Overview
In Kubernetes, most new beta features are disabled by default. Alpha features, which are subject to change, are disabled in all versions. For more information, see the Default service settings for Kubernetes components and the feature gates for each version.
For more information about major, minor, and patch versions and preparation actions between minor versions, see Kubernetes versions.
Check the Security Bulletins on IBM Cloud Status for security vulnerabilities that affect IBM Cloud Kubernetes Service. You can filter the results to view only Kubernetes Cluster security bulletins that are relevant to IBM Cloud Kubernetes Service. Change log entries that address other security vulnerabilities but don't also refer to an IBM security bulletin are for vulnerabilities that are not known to affect IBM Cloud Kubernetes Service in normal usage. If you run privileged containers, run commands on the workers, or execute untrusted code, then you might be at risk.
Some change logs are for worker node fix packs, and apply only to worker nodes. You must apply these patches to ensure security compliance for your worker nodes. These worker node fix packs can be at a higher version than the master because some build fix packs are specific to worker nodes. Other change logs are for master fix packs, and apply only to the cluster master. Master fix packs might not be automatically applied. You can choose to apply them manually. For more information about patch types, see Update types.
Version 1.34
Worker node fix pack 1.34.2_1535, released 16 December 2025
The following table shows the components included in the worker node fix pack 1.34.2_1535. Worker node patch updates can be applied by updating, reloading (in classic infrastructure), or replacing (in VPC infrastructure) the worker node.
| Component | Version | Description |
|---|---|---|
| UBUNTU 24 | 6.8.0-88-generic | Resolves the following CVEs: CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11839, CVE-2025-11840, CVE-2025-37958, CVE-2025-38666, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018, CVE-2025-64505, CVE-2025-64506, CVE-2025-64720, CVE-2025-65018, CVE-2025-66418, CVE-2025-66471, and CVE-2025-6966. |
| Kubernetes | 1.34.2 | For more information, see the change logs. |
| containerd | 2.2.0 | For more information, see the change logs. |
| HAProxy | 03b74b82b63cd53403b6b587b84233c93edef18d | N/A |
| GPU Device Plug-in and Installer | 1b40f92bf929456042c1f42ba54fa73cdaafb653 | Resolves the following CVEs: CVE-2025-8058. |
Change log for Master fix pack 1.34.2_1534, released 10 December 2025
The following table shows the changes that are in the master fix pack 1.34.2_1534. Master patch updates are applied automatically.
| Component | Previous | Current | Description |
|---|---|---|---|
| Calico | v3.29.6 | v3.29.7 | See the Calico release notes. |
| Cluster health image | v1.6.10 | v1.6.13 | New version contains updates and security fixes. |
| etcd | v3.5.24 | v3.5.25 | See the etcd release notes. |
| IBM Cloud Controller Manager | v1.34.1-6 | v1.34.2-3 | New version contains updates and security fixes. |
| Key Management Service provider | v2.10.18 | 2.10.19 | New version contains updates and security fixes. |
| Konnectivity agent and server | v0.33.0 | v0.34.0 | See the Konnectivity release notes. |
| Kubernetes | v1.34.1 | v1.34.2 | See the Kubernetes release notes. |
| Portieris admission controller | v0.13.31 | v0.13.33 | See the Portieris admission controller release notes. |
| Tigera Operator | v1.36.14 | v1.36.16 | See the Tigera Operator release notes. |
Worker node fix pack 1.34.1_1531, released 03 December 2025
The following table shows the components included in the worker node fix pack 1.34.1_1531. Worker node patch updates can be applied by updating, reloading (in classic infrastructure), or replacing (in VPC infrastructure) the worker node.
| Component | Version | Description |
|---|---|---|
| UBUNTU 24 | 6.8.0-87-generic | Resolves the following CVEs: CVE-2025-37838, CVE-2025-38118, CVE-2025-38352, CVE-2025-40300, CVE-2025-6075, and CVE-2025-8291. |
| Kubernetes | 1.34.1 | For more information, see the change logs. |
| containerd | 2.2.0 | For more information, see the change logs. |
| HAProxy | 03b74b82b63cd53403b6b587b84233c93edef18d | Resolves the following CVEs: CVE-2025-59375, CVE-2025-5372, CVE-2024-28757, and CVE-2022-23990. |
| GPU Device Plug-in and Installer | 184bbc2d05e029bb5b0c3c18798c10697e950967 | Resolves the following CVEs: CVE-2025-59375. |
Change log for master fix pack 1.34.1_1529 and worker node fix pack 1.34.1_1530, released 20 November 2025
| Component | Previous | Current | Description |
|---|---|---|---|
| Calico | v3.29.5 | v3.29.6 | See the Calico release notes. |
| Cluster health control-plane operator | v0.1.8 | v0.1.11 | New version contains updates and security fixes. |
| Cluster health image | v1.6.10 | v1.6.13 | New version contains updates and security fixes. |
| containerd | 1.7.29 | 2.1.5 | See the containerd release notes. |
| CoreDNS | v1.12.2 | v1.12.4 | See the CoreDNS release notes. |
| etcd | v3.5.22 | v3.5.24 | See the etcd release notes. |
| IBM Cloud Block Storage driver and plug-in | v2.5.21 | v2.5.22 | New version contains updates and security fixes. |
| IBM Cloud Controller Manager | v1.33.5-1 | v1.34.1-6 | New version contains updates and security fixes. |
| IBM Cloud File Storage for Classic plug-in and monitor | 450 | 452 | New version contains updates and security fixes. |
| IBM Cloud Metrics Server Config Watcher | v1.1.6 | v1.1.9 | New version contains updates and security fixes. |
| IBM Cloud RBAC Operator | 38dc95c | 8a12251 | New version contains updates and security fixes. |
| Key Management Service provider | v2.10.17 | 2.10.18 | New version contains updates and security fixes. |
| Kubernetes | 1.33.5 | 1.34.1 | See the Kubernetes release notes. |
| Kubernetes Metrics Server | v0.7.2 | v0.8.0 | See the Kubernetes Metrics Server release notes. |
| Kubernetes NodeLocal DNS cache | 1.26.4 | 1.26.5 | See the Kubernetes NodeLocal DNS cache release notes. |
| Kubernetes snapshot controller | v8.2.1 | v8.3.0 | See the Kubernetes snapshot controller release notes. |
| Portieris admission controller | v0.13.30 | v0.13.31 | See the Portieris admission controller release notes. |
| Tigera Operator | v1.36.13 | v1.36.14 | See the Tigera Operator release notes. |