-
Cherry-picks from
mastertorelease/2.1(#5131)- limayaml: do not default containerd.user=true on non-Linux guests (#5090, thanks to @gaurav0107)
- fix(copytool): fallback to scp for remote source and destination in auto mode (#5097, thanks to @unsuman)
- templates: switch the default image from ubuntu-25.10 to ubuntu-26.04 (#5106)
- krunkit: disable ssh.overVsock by default (#5123)
- fix(makefile): propagate build failure for additional drivers (#5125, thanks to @unsuman)
- templates: update (#5130)
- nerdctl: update from v2.2.2 to v2.3.3 (#5134)
- v2.3.0 release note
- v2.3.1 release note
- v2.3.2 release note
- v2.3.3 release note
- nerdctl v2.3.3 contains containerd v2.3.2, which fixes CVE-2026-50195, CVE-2026-53488, CVE-2026-53492, CVE-2026-53489, CVE-2026-47262
-
Fix CVE-2026-53657 (GHSA-2j9v-p4xj-cjw2) "An arbitrary user in a QEMU VM could gain the root privilege in the VM via the guest agent socket"
Full changes: https://github.com/lima-vm/lima/milestone/72
Usage
$ limactl create
$ limactl start
...
INFO[0029] READY. Run `lima` to open the shell.
$ lima uname
LinuxThe binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/lima-vm/lima/actions/runs/27824357138
The sha256sum of the SHA256SUMS file itself is ddaf499316c159493ccf853393e35c93d69e8c1f85cb041f6f7e918157625c6c .
Release manager: @AkihiroSuda