Version 1.3.0

Edit online

Go version updated to 1.25.9, with tool set 1.25.9

Compatibility Checks

  • Kubernetes: 1.34 +
  • OpenShift: 4.21

Features

The following features have been added in this release:

TLS: Enabled secure gRPC communication between the Device Plugin and Health Checker using mutual TLS (mTLS), with cert-manager handling automated certificate issuance and rotation.

Open‑sourced the Spyre Operator platform starting from version 1.3.0.

Enhancements

The following enhancements have been added in this release:
  • Experimental mode has been removed from the Spyre ClusterPolicy, as the corresponding allocation modes are not supported on s390x.

Resolved issues

Critical:

  • CVE-2026-32280 – Vulnerability allowing potential remote code execution due to improper input validation.
  • CVE-2026-32283 – Privilege escalation issue that could allow attackers to gain elevated access.
High:
  • CVE-2026-25679 – Denial-of-service vulnerability caused by resource exhaustion.