SovereignCloudStack · mbuechse · Apr 10, 2026 · Apr 10, 2026 · Apr 16, 2026 · Apr 16, 2026
@@ -57,11 +57,12 @@ In order to keep up-to-date with the latest Kubernetes features, bug fixes and s
 the provided Kubernetes versions should be kept up-to-date with new upstream releases:
 
 - The latest minor version MUST be provided no later than 4 months after release.
-- The latest patch version MUST be provided no later than 2 weeks after release.
-- This time period MUST be even shorter for patches that fix critical CVEs.
+- The latest patch version MUST be provided no later than 1 month after release.
+- This time period (for providing the latest patch version) MUST not be longer than
+  2 weeks if the patch addresses critical CVEs and it is RECOMMENDED to be provided
+  within 2 days of the release.
   In this context, a critical CVE is a CVE with a CVSS base score >= 8 according
   to the CVSS version used in the original CVE record (e.g., CVSSv3.1).
-  It is RECOMMENDED to provide a new patch version in a 2-day time period after their release.
 - New versions MUST be tested before being rolled out on productive infrastructure;
   at least the [CNCF E2E tests][cncf-conformance] should be passed beforehand.
 

@@ -45,7 +45,7 @@
 
 
 MINOR_VERSION_CADENCE = timedelta(days=120)
-PATCH_VERSION_CADENCE = timedelta(weeks=2)
+PATCH_VERSION_CADENCE = timedelta(days=31)
 CVE_VERSION_CADENCE = timedelta(days=2)
 CVE_SEVERITY = 8  # CRITICAL
 

@@ -45,7 +45,7 @@ def release_data():
 EXPECTED_RECENCIES = {
     datetime(2024, 1, 17): True,
     datetime(2024, 1, 31): True,
-    datetime(2024, 2, 1): False,
+    datetime(2024, 2, 18): False,
 }