Operations Center Parent 3.27663

1 minute read

RELEASED: Public: June 25, 2025

Security advisory

TBD

Security fixes

Fixed path traversal vulnerability in tar.gz extraction (BEE-56974): Fixed a security vulnerability where malicious tar.gz files could write files outside the intended extraction directory. This could potentially allow remote code execution. The extraction process now validates file paths to prevent path traversal attacks.

New features

None.

Feature enhancements

None.

Resolved issues

Avoid generating duplicate PodDisruptionBudget (PDB) when overriding it via advanced YAML field (BEE-59068): When overriding a PodDisruptionBudget (PDB) using the advanced YAML field, the resulting model would duplicate the object. This issue has now been resolved.

Known issues

None.

Upgrade notes

None.