Security
- Do not include image annotations when building spec. These annotations can have security implications - crun, for example, allows rootless containers to preserve the user's groups through an annotation.
Quadlet
- Fixed a bug in quadlet to recognize the systemd optional prefix '-'.
Bugfixes
- Fixed a bug where fully resolving symlink paths included the version number, breaking the path to homebrew-installed qmeu files (#18111).
- Fixed a bug where Podman was splitting the filter map slightly differently compared to Docker (#18092).
- Fixed a bug where running
make packagedid not work on RHEL 8 environments (#18421). - Fixed a bug to allow comma separated dns server IP addresses in
podman network create --dnsandpodman network update --dns-add/--dns-drop(#18663). - Fixed a bug to correctly stop containers created with --restart=always in all cases (#18259).
- Fixed a bug in podman-remote logs to correctly display errors reported by the server.
- Fixed a bug to correctly tear down the network stack again when an error happened during the setup.
- Fixed a bug in the remote API exec inspect call to correctly display updated information, e.g. when the exec process died (#18424).
- Fixed a bug so that podman save on windows can now write to stdout by default (#18147).
- Fixed a bug where podman machine rm with the qemu backend now correctly removes the machine connection after the confirmation message not before (#18330).
- Fixed a problem where podman machine connections would try to connect to the ipv6 localhost ipv6 (::1) (#16470).