v5.7.0

Security

• This release addresses CVE-2025-52881, where arbitrary write gadgets and procfs write redirects allowed runc container escape and denial of service.

Features

• The remote Podman client and podman system service API server now support encrypting connections with TLS and mTLS, including client authentication by certificate (#24583).
• The podman system connection add command can now create connections to TCP sockets with TLS and mTLS encryption.
• The podman run and podman create commands now support two new options, --creds and --cert-dir, to manage logging into registries to pull images.
• The podman kube play and podman kube down commands can now accept multiple files as input, creating or removing more than one pod or deployment with the same command (#26274).
• The podman kube play command now supports a new option, --no-pod-prefix, to disable prefixing container names with pod names. Please note that this can cause pods to fail to create if the pod shares a name with a container (#26396).
• The podman machine init command now supports a new option, --tls-verify, to control whether the machine image can be pulled from registries without a trusted TLS certificate, with the default being true (TLS verification on) (#26517).
• When running the podman image load and podman build commands against a podman machine VM, if the path being loaded or built is shared into the VM, Podman will load it from the VM's filesystem instead of streaming the data through the REST API, improving performance (#26321).
• A default location for container log files when using the k8s-file log driver can now be specified with the log_path option in containers.conf.
• Default flags for the OCI runtime can now be set with the runtimes_flags option in containers.conf.
• The podman artifact remove command can now accept multiple arguments, for example, podman artifact rm artifact1 artifact2.
• The podman wait command now supports a new option, --return-on-first, which causes podman wait to return after any container matches the condition, as opposed to waiting for all containers to match (#26691).
• The podman container restore command now supports a new option, --tcp-close, allowing containers with active TCP connections to be restored multiple times.
• Quadlet now features support for a new file type, .artifact, allowing OCI artifacts to be managed with Quadlet (#25778).
• Quadlet .container files now support a new key, HttpProxy, to disable the automatic forwarding of HTTP proxy options from the host into the container (#26925).
• Quadlet .pod files now support a new key, StopTimeout, to configure the stop timeout for the pod (#27120).
• Quadlet .build files now support two new keys, BuildArg and IgnoreFile, to specify build arguments and an ignore file (#27065 and #27268).
• Quadlet .kube files now support multiple YAML files in a single .kube file.
• Quadlet now supports templated dependencies for volumes and networks (#25136).
• The podman quadlet install command now supports a new option, --replace, which will replace any existing Quadlet with a conflicting name (#26930).
• The podman quadlet print command now has a new alias, podman quadlet cat (#27296).
• The remote Podman client's podman artifact remove command now supports the --all option.
• The podman artifact add command now supports a new option, --replace, which will replace any existing artifact with the given name (#27082).
• The podman artifact rm command now supports a new option, --ignore, which will suppress errors when attempting to remove an artifact that does not exist (#27084).
• The podman artifact list command now includes artifact creation time in its output (#27314).
• The podman artifact list --format option now supports two new format keys, VirtualSize, returning the size of the artifact in integer bytes, and CreatedAt, returning the time the artifact was created as an RFC3339 timestamp (the existing Size and Created fields returned human-readable information) (#27085).
• The podman artifact inspect command now supports a new option, --format, to return specific information about an artifact with user-specified formatting (#27112).

Changes

• In preparation for a planned removal of the BoltDB database in Podman 6.0, a warning has been added for installations still using BoltDB. These warnings were added in Podman 5.6, but were not visible by default; they now are. They can be suppressed with the SUPPRESS_BOLTDB_WARNING=true environment variable.
• A new Windows installer has been introduced with a simpler single MSI architecture that supports both user-scope (no admin required) and machine-scope installations. Note: To use the new installer, users must uninstall existing Podman installations before using the new installer, but all containers, images, machines, and other data will be preserved. The old installer is still provided to ensure backwards compatibility, though it will be removed in a future release (#22994 and #25968).
• Podman now requires Go 1.24.
• When the -p/--publish and --network=ns:/path options are used together when creating a container, Podman will not warn that the -p option will be ignored as an existing namespace is in use (this has always been the case, but Podman now prints a warning about it) (#26663).
• The podman stats command now provides additional information about container resource utilization when run on FreeBSD.
• Shell autocompletion has been enabled for the --sysctl option to podman create and podman run, and the --interface-name option to podman network create.
• Artifacts created by Podman now include a creation timestamp by default, stored in the org.opencontainers.image.created annotation (#27081).
• The podman inspect command can now inspect artifacts.
• The podman artifact add command can now override the org.opencontainers.image.title annotation in created artifacts.
• Podman can now optionally be built with Sequoia-PGP support. When so built, the --sign-by-sq-fingerprint option allows signing images using Seqoia-PGP keys.

Bugfixes

• Fixed a bug where the --filter ancestor= option to podman ps required complete matches, unlike Docker (which matched substrings) (#26623).
• Fixed a bug where the --filter label= option to podman events did not support key-only matches (as podman os --filter label= does) (#26702).
• Fixed a bug where Quadlet could panic when a Mount was given without a source being specified.
• Fixed a bug where Quadlet would fail to generate for a .build file when a systemd specifier was used in the [Build] section (#26746).
• Fixed a bug where the podman info command could panic when /proc/sys/fs/binfmt_misc was not mounted.
• Fixed a bug where the remote Podman client could lose some initial bytes of output from attach sessions (podman run, podman exec, podman attach) due to a race condition (#26951).
• Fixed a bug where the podman build command was ignoring SBOM related options (#23915).
• Fixed a bug where the --userns=ns:/path option to podman create and podman run was broken with runc 1.1.11 and higher (#27148).
• Fixed a bug where podman machine on Windows would always re-pull machine images when using the WSL provider, even if an the image had already been pulled and was present on disk.

API

• Added a new API endpoint to list quadlets (GET /libpod/quadlets/json).
• The Compat Inspect endpoint for Images no longer includes the ContainerConfig field. To access image configuration, use the Config field instead. This matches changes made by Docker in the v1.45 API.
• Fixed a bug where the Stats and Commit endpoints for Containers (compat & libpod), the Push, Commit, Push, and Pull endpoints for Images (compat & libpod), and the Push endpoint for Manifests (libpod) were not returning a Content-Type header.

Misc

• Error messages returned when an incomplete --device option (for example --device /dev/fuse::) is passed to podman create or podman run have been improved.
• Updated Buildah to v1.42.0
• Updated the containers/image library to v5.38.0
• Updated the containers/storage library to v1.61.0
• Updated the containers/common library to v0.66.0
• The containers/image, containers/storage, and containers/common libraries are now sourced from the [containers/co...

v5.7.0-RC3

Features

• The remote Podman client and podman system service API server now support encrypting connections with TLS and mTLS, including client authentication by certificate (#24583).
• The podman system connection add command can now create connections to TCP sockets with TLS and mTLS encryption.
• The podman run and podman create commands now support two new options, --creds and --cert-dir, to manage logging into registries to pull images.
• The podman kube play and podman kube down commands can now accept multiple files as input, creating or removing more than one pod or deployment with the same command (#26274).
• The podman kube play command now supports a new option, --no-pod-prefix, to disable prefixing container names with pod names. Please note that this can cause pods to fail to create if the pod shares a name with a container (#26396).
• The podman machine init command now supports a new option, --tls-verify, to control whether the machine image can be pulled from registries without a trusted TLS certificate, with the default being true (TLS verification on) (#26517).
• When running the podman image load and podman build commands against a podman machine VM, if the path being loaded or built is shared into the VM, Podman will load it from the VM's filesystem instead of streaming the data through the REST API, improving performance (#26321).
• A default location for container log files when using the k8s-file log driver can now be specified with the log_path option in containers.conf.
• Default flags for the OCI runtime can now be set with the runtimes_flags option in containers.conf.
• The podman artifact remove command can now accept multiple arguments, for example, podman artifact rm artifact1 artifact2.
• The podman wait command now supports a new option, --return-on-first, which causes podman wait to return after any container matches the condition, as opposed to waiting for all containers to match (#26691).
• The podman container restore command now supports a new option, --tcp-close, allowing containers with active TCP connections to be restored multiple times.
• Quadlet now features support for a new file type, .artifact, allowing OCI artifacts to be managed with Quadlet (#25778).
• Quadlet .container files now support a new key, HttpProxy, to disable the automatic forwarding of HTTP proxy options from the host into the container (#26925).
• Quadlet .pod files now support a new key, StopTimeout, to configure the stop timeout for the pod (#27120).
• Quadlet .build files now support two new keys, BuildArg and IgnoreFile, to specify build arguments and an ignore file (#27065 and #27268).
• Quadlet .kube files now support multiple YAML files in a single .kube file.
• Quadlet now supports templated dependencies for volumes and networks (#25136).
• The podman quadlet install command now supports a new option, --replace, which will replace any existing Quadlet with a conflicting name (#26930).
• The podman quadlet print command now has a new alias, podman quadlet cat (#27296).
• The remote Podman client's podman artifact remove command now supports the --all option.
• The podman artifact add command now supports a new option, --replace, which will replace any existing artifact with the given name (#27082).
• The podman artifact rm command now supports a new option, --ignore, which will suppress errors when attempting to remove an artifact that does not exist (#27084).
• The podman artifact list command now includes artifact creation time in its output (#27314).
• The podman artifact list --format option now supports two new format keys, VirtualSize, returning the size of the artifact in integer bytes, and CreatedAt, returning the time the artifact was created as an RFC3339 timestamp (the existing Size and Created fields returned human-readable information) (#27085).
• The podman artifact inspect command now supports a new option, --format, to return specific information about an artifact with user-specified formatting (#27112).

Changes

• In preparation for a planned removal of the BoltDB database in Podman 6.0, a warning has been added for installations still using BoltDB. These warnings were added in Podman 5.6, but were not visible by default; they now are. They can be suppressed with the SUPPRESS_BOLTDB_WARNING=true environment variable.
• A new Windows installer has been introduced with a simpler single MSI architecture that supports both user-scope (no admin required) and machine-scope installations. Note: To use the new installer, users must uninstall existing Podman installations before using the new installer, but all containers, images, machines, and other data will be preserved. The old installer is still provided to ensure backwards compatibility, though it will be removed in a future release (#22994 and #25968).
• Podman now requires Go 1.24.
• When the -p/--publish and --network=ns:/path options are used together when creating a container, Podman will not warn that the -p option will be ignored as an existing namespace is in use (this has always been the case, but Podman now prints a warning about it) (#26663).
• The podman stats command now provides additional information about container resource utilization when run on FreeBSD.
• Shell autocompletion has been enabled for the --sysctl option to podman create and podman run, and the --interface-name option to podman network create.
• Artifacts created by Podman now include a creation timestamp by default, stored in the org.opencontainers.image.created annotation (#27081).
• The podman inspect command can now inspect artifacts.
• The podman artifact add command can now override the org.opencontainers.image.title annotation in created artifacts.
• Podman can now optionally be built with Sequoia-PGP support. When so built, the --sign-by-sq-fingerprint option allows signing images using Seqoia-PGP keys.

Bugfixes

• Fixed a bug where the --filter ancestor= option to podman ps required complete matches, unlike Docker (which matched substrings) (#26623).
• Fixed a bug where the --filter label= option to podman events did not support key-only matches (as podman os --filter label= does) (#26702).
• Fixed a bug where Quadlet could panic when a Mount was given without a source being specified.
• Fixed a bug where Quadlet would fail to generate for a .build file when a systemd specifier was used in the [Build] section (#26746).
• Fixed a bug where the podman info command could panic when /proc/sys/fs/binfmt_misc was not mounted.
• Fixed a bug where the remote Podman client could lose some initial bytes of output from attach sessions (podman run, podman exec, podman attach) due to a race condition (#26951).
• Fixed a bug where the podman build command was ignoring SBOM related options (#23915).
• Fixed a bug where the --userns=ns:/path option to podman create and podman run was broken with runc 1.1.11 and higher (#27148).
• Fixed a bug where podman machine on Windows would always re-pull machine images when using the WSL provider, even if an the image had already been pulled and was present on disk.

API

• Added a new API endpoint to list quadlets (GET /libpod/quadlets/json).
• The Compat Inspect endpoint for Images no longer includes the ContainerConfig field. To access image configuration, use the Config field instead. This matches changes made by Docker in the v1.45 API.
• Fixed a bug where the Stats and Commit endpoints for Containers (compat & libpod), the Push, Commit, Push, and Pull endpoints for Images (compat & libpod), and the Push endpoint for Manifests (libpod) were not returning a Content-Type header.

Misc

• Error messages returned when an incomplete --device option (for example --device /dev/fuse::) is passed to podman create or podman run have been improved.
• Updated Buildah to v1.42.0
• Updated the containers/image library to v5.38.0
• Updated the containers/storage library to v1.61.0
• Updated the containers/common library to v0.66.0
• The containers/image, containers/storage, and containers/common libraries are now sourced from the containers/container-libs monorepo.

v5.7.0-RC2

Features

• The remote Podman client and podman system service API server now support encrypting connections with TLS and mTLS, including client authentication by certificate (#24583).
• The podman system connection add command can now create connections to TCP sockets with TLS and mTLS encryption.
• The podman run and podman create commands now support two new options, --creds and --cert-dir, to manage logging into registries to pull images.
• The podman kube play and podman kube down commands can now accept multiple files as input, creating or removing more than one pod or deployment with the same command (#26274).
• The podman kube play command now supports a new option, --no-pod-prefix, to disable prefixing container names with pod names. Please note that this can cause pods to fail to create if the pod shares a name with a container (#26396).
• The podman machine init command now supports a new option, --tls-verify, to control whether the machine image can be pulled from registries without a trusted TLS certificate, with the default being true (TLS verification on) (#26517).
• When running the podman image load and podman build commands against a podman machine VM, if the path being loaded or built is shared into the VM, Podman will load it from the VM's filesystem instead of streaming the data through the REST API, improving performance (#26321).
• A default location for container log files when using the k8s-file log driver can now be specified with the log_path option in containers.conf.
• Default flags for the OCI runtime can now be set with the runtimes_flags option in containers.conf.
• The podman artifact remove command can now accept multiple arguments, for example, podman artifact rm artifact1 artifact2.
• The podman wait command now supports a new option, --return-on-first, which causes podman wait to return after any container matches the condition, as opposed to waiting for all containers to match (#26691).
• The podman container restore command now supports a new option, --tcp-close, allowing containers with active TCP connections to be restored multiple times.
• Quadlet now features support for a new file type, .artifact, allowing OCI artifacts to be managed with Quadlet (#25778).
• Quadlet .container files now support a new key, HttpProxy, to disable the automatic forwarding of HTTP proxy options from the host into the container (#26925).
• Quadlet .pod files now support a new key, StopTimeout, to configure the stop timeout for the pod (#27120).
• Quadlet .build files now support two new keys, BuildArg and IgnoreFile, to specify build arguments and an ignore file (#27065 and #27268).
• Quadlet .kube files now support multiple YAML files in a single .kube file.
• Quadlet now supports templated dependencies for volumes and networks (#25136).
• The podman quadlet install command now supports a new option, --replace, which will replace any existing Quadlet with a conflicting name (#26930).
• The podman quadlet print command now has a new alias, podman quadlet cat (#27296).
• The remote Podman client's podman artifact remove command now supports the --all option.
• The podman artifact add command now supports a new option, --replace, which will replace any existing artifact with the given name (#27082).
• The podman artifact rm command now supports a new option, --ignore, which will suppress errors when attempting to remove an artifact that does not exist (#27084).
• The podman artifact list command now includes artifact creation time in its output (#27314).
• The podman artifact list --format option now supports two new format keys, VirtualSize, returning the size of the artifact in integer bytes, and CreatedAt, returning the time the artifact was created as an RFC3339 timestamp (the existing Size and Created fields returned human-readable information) (#27085).
• The podman artifact inspect command now supports a new option, --format, to return specific information about an artifact with user-specified formatting (#27112).

Changes

• In preparation for a planned removal of the BoltDB database in Podman 6.0, a warning has been added for installations still using BoltDB. These warnings were added in Podman 5.6, but were not visible by default; they now are. They can be suppressed with the SUPPRESS_BOLTDB_WARNING=true environment variable.
• A new Windows installer has been introduced with a simpler single MSI architecture that supports both user-scope (no admin required) and machine-scope installations. Note: To use the new installer, users must uninstall existing Podman installations before using the new installer, but all containers, images, machines, and other data will be preserved. The old installer is still provided to ensure backwards compatibility, though it will be removed in a future release (#22994 and #25968).
• Podman now requires Go 1.24.
• When the -p/--publish and --network=ns:/path options are used together when creating a container, Podman will not warn that the -p option will be ignored as an existing namespace is in use (this has always been the case, but Podman now prints a warning about it) (#26663).
• The podman stats command now provides additional information about container resource utilization when run on FreeBSD.
• Shell autocompletion has been enabled for the --sysctl option to podman create and podman run, and the --interface-name option to podman network create.
• Artifacts created by Podman now include a creation timestamp by default, stored in the org.opencontainers.image.created annotation (#27081).
• The podman inspect command can now inspect artifacts.
• The podman artifact add command can now override the org.opencontainers.image.title annotation in created artifacts.
• Podman can now optionally be built with Sequoia-PGP support. When so built, the --sign-by-sq-fingerprint option allows signing images using Seqoia-PGP keys.

Bugfixes

• Fixed a bug where the --filter ancestor= option to podman ps required complete matches, unlike Docker (which matched substrings) (#26623).
• Fixed a bug where the --filter label= option to podman events did not support key-only matches (as podman os --filter label= does) (#26702).
• Fixed a bug where Quadlet could panic when a Mount was given without a source being specified.
• Fixed a bug where Quadlet would fail to generate for a .build file when a systemd specifier was used in the [Build] section (#26746).
• Fixed a bug where the podman info command could panic when /proc/sys/fs/binfmt_misc was not mounted.
• Fixed a bug where the remote Podman client could lose some initial bytes of output from attach sessions (podman run, podman exec, podman attach) due to a race condition (#26951).
• Fixed a bug where the podman build command was ignoring SBOM related options (#23915).
• Fixed a bug where the --userns=ns:/path option to podman create and podman run was broken with runc 1.1.11 and higher (#27148).

API

• Added a new API endpoint to list quadlets (GET /libpod/quadlets/json).
• The Compat Inspect endpoint for Images no longer includes the ContainerConfig field. To access image configuration, use the Config field instead. This matches changes made by Docker in the v1.45 API.
• Fixed a bug where the Stats and Commit endpoints for Containers (compat & libpod), the Push, Commit, Push, and Pull endpoints for Images (compat & libpod), and the Push endpoint for Manifests (libpod) were not returning a Content-Type header.

Misc

• Error messages returned when an incomplete --device option (for example --device /dev/fuse::) is passed to podman create or podman run have been improved.
• Updated Buildah to v1.42.0
• Updated the containers/image library to v5.38.0
• Updated the containers/storage library to v1.61.0
• Updated the containers/common library to v0.66.0
• The containers/image, containers/storage, and containers/common libraries are now sourced from the containers/container-libs monorepo.

v5.6.2

Bugfixes

• Fixed a bug where stopping the podman machine start command with SIGPIPE could result in machine state being stuck as "Starting" (#26949).
• Fixed a bug where podman build would fail with a permissions error when building Containerfiles using a non-root user and cache mounts (#27044).

Misc

• Updated Buildah to v1.41.5

v5.6.1

Security

• This release addresses CVE-2025-9566, where Kubernetes YAML run by podman play kube containing ConfigMap and Secret volumes can use crafted symlinks to overwrite content on the host.

Bugfixes

• Fixed a bug where network creation and removal events were displayed incorrectly when the journald events driver was in use.
• Fixed a bug where the --security-opt seccomp=unconfined option was broken on Windows (#26855).
• Fixed a bug where containers created with a name longer than 64 characters, no explicit hostname, the the container_name_as_hostname option in containers.conf set to true would fail to start.
• Fixed a bug where Podman would fail to start containers when runc 1.3.0 or later was used as the OCI runtime (#26938).

Misc

• Adjusted the systemd-tmpfiles script to recursively remove temporary files directories placed in /tmp, ensuring proper operation of Podman after a reboot if /tmp is not a tmpfs.
• Updated Buildah to v1.41.4
• Updated the containers/storage to v1.59.1
• Updated the containers/common library to v0.64.2

v5.6.0

Features

• A new set of commands for managing Quadlets has been added as podman quadlet install (install a new Quadlet for the current user), podman quadlet list (list installed Quadlets), podman quadlet print (print the contents of a Quadlet file), and podman quadlet rm (remove a Quadlet). These commands are presently not available with the remote Podman client - we expect support for this to arrive in a future release.
• Quadlet .container units can now specify environment variables without values in the Environment= key, retrieving the value from the host when the container is started (#26247).
• Quadlet .pod units now support two new keys, Label= (to set labels on the created pod) and ExitPolicy= (to set exit policy for the created pod) (#25961 and #25596).
• Quadlet .image units now support a new key, Policy=, to set pull policy for the image (e.g. pull always, pull only if newer version available) (#26446).
• Quadlet .network units now support a new key, InterfaceName=, to specify the name of the network interface created.
• The podman machine init command now supports a new option, --swap, enabling swap in the created virtual machine and setting it to a given size (in megabytes) (#15980).
• The --mount option to podman create and podman run now supports dest= as a valid alias for destination=.
• The podman kube play command can now restrict container execution to specific CPU cores and specific memory nodes using the io.podman.annotations.cpuset/$ctrname and io.podman.annotations.memory-nodes/$ctrname annotations (#26172).
• The podman kube play command now supports the lifecycle.stopSignal field in Pod YAML, allowing the signal used to stop containers to be specified (#25389).
• The podman artifact suite of commands for interacting with OCI artifacts is now available in the remote Podman client and the bindings for the REST API.
• The podman volume import and podman volume export commands are now available in the remote Podman client (#26049).
• The --build-context option to podman build is now supported by the remote Podman client (#23433).
• The podman volume create command now accepts two new options, --uid and --gid, to set the UID and GID the volume will be created with.
• The podman secret create command now has a new option, --ignore, causing the command to succeed even if a secret with the given name already exists.
• The podman pull command now has a new option, --policy, to configure pull policy.
• The --mount type=artifact option to podman create, podman run, and podman pod create now allows the filename of the artifact in the container to be set using the name= option (e.g. podman run --mount type=artifact,name=$NAME,...).
• The --tmpfs option to podman create and podman run now allows a new option, noatime, to be passed (e.g. podman run --tmpfs /run:noatime ...) (#26102).
• The podman update command now has a new option, --latest, to update the latest container instead of specifying a specific container (#26380).
• A new command, podman buildx inspect, has been added to improve Docker compatibility (#13014).

Breaking Changes

• Rosetta support in podman machine VMs has been disabled by default due to issues with newer Linux kernels. These issues have been addressed in the Tahoe beta, and we plan on re-enabling support for Rosetta in a future Podman release once the fix is in wider circulation. You can find more details here.

Changes

• In preparation for a planned removal of the BoltDB database in Podman 6.0, a warning has been added for installations still using BoltDB. These warnings are presently not visible by default, which will happen in Podman 5.7.
• The podman artifact suite of commands for interacting with OCI artifacts is now considered stable.
• For users running podman machine VMs using the libkrun provider on an M3 or newer host running macOS 15+, nested virtualization is enabled by default.
• When creating podman machine VMs on Windows using the WSL v2 provider, images are now pulled as artifacts from quay.io/podman/machine-os, matching the behavior of other VM providers.
• Signal forwarding done by the --sig-proxy option to podman run and podman attach is now more robust to races and no longer forwards the SIGSTOP signal.
• The podman system check --quick command now skips checking layer digests.
• Podman on Windows using the WSLv2 provider now prefers the WSL executable in C:\Program Files\Windows Subsystem for Linux\wsl.exe over the one in WindowsApps, avoiding common “access denied” issues (#25787).
• The --mount type=artifact option to podman create, podman run, and podman pod create now mounts artifacts containing a only a single blob as a file at the given destination path if the path does not exist in the image.
• The podman volume export command now refuses to export to STDOUT if it is a TTY (#26506).
• When generating Quadlet units with options known to be problematic when used with Podman, such as User=, Group=, and DynamicUser= in the [Service] section of a unit, Quadlet will now warn the user of the potential incompatibility (#26543).

Bugfixes

• Fixed a bug where the --security-opt unmask= option to podman create and podman run did not allow comma-separated lists of paths to be passed, instead only allowing a single path.
• Fixed a bug where stopping a Podman container could unintentionally kill non-Podman processes if the PID of an exec session started inside the container was reused for a new process while the container was running (#25104).
• Fixed a bug where podman machine init could fail if run in a Podman container (#25950).
• Fixed a bug where podman machine VMs would sometimes receive incorrect timezone information.
• Fixed a bug where podman machine VMs created with a custom username would not have lingering enabled.
• Fixed a bug where the podman machine init command on Windows when using the WSL 2 provider did not reliably determine if WSL was installed (#25523).
• Fixed a bug where the name of Quadlet .pod units that did not specify the PodName= key was set incorrectly (#26062).
• Fixed a bug where Quadlet .container units joining a pod specified in a .pod unit would fail as the pod name was set incorrectly when creating the container (#26105).
• Fixed a bug where Quadlet would not generate RequiresMountsFor when mounting a .volume unit with Type=bind set into a container (#26125).
• Fixed a bug where Quadlet dropin files were not correctly overwritten by new dropin files with the same name further along the hierarchy if the two dropin files did not share a parent directory (#26555).
• Fixed a bug where Quadlet would sometimes not print warnings when failing to parse units (#26542).
• Fixed a bug where Quadlet .pod files did not include the last Environment= key in the [Service] section in the generated systemd service (#26521).
• Fixed a bug where starting a container with already-running dependencies would fail.
• Fixed a bug where OCI hooks in a directory specified with --hooks-dir would fail to run when containers were restarted (#17935).
• Fixed a bug where the --mount option to podman create and podman run required the type= option to be specified, instead of defaulting to volume when it was not present (#26101).
• Fixed a bug where the podman kube play command would fail on Windows when specifying an absolute path to YAML files (#26350).
• Fixed a bug where the --security-opt seccomp= option to podman create, podman run, and podman pod create could error on Windows when given a path to a Seccomp profile (#26558).
• Fixed a bug where the --blkio-weight-device, --device-read-bps, --device-write-bps, --device-read-iops, and --device-write-iops options to podman create and podman run incorrectly accepted non-block devices.
• Fixed a bug where the podman build command handled the --ignorefile option differently from the buildah bud command (#25746).
• Fixed a bug where the podman rm -f command could return an error when trying to remove a running container whose conmon process had been killed (#26640).
• Fixed a ...

v5.6.0-RC2

Features

• A new set of commands for managing Quadlets has been added as podman quadlet install (install a new Quadlet for the current user), podman quadlet list (list installed Quadlets), podman quadlet print (print the contents of a Quadlet file), and podman quadlet rm (remove a Quadlet). These commands are presently not available with the remote Podman client - we expect support for this to arrive in a future release.
• Quadlet .container units can now specify environment variables without values in the Environment= key, retrieving the value from the host when the container is started (#26247).
• Quadlet .pod units now support two new keys, Label= (to set labels on the created pod) and ExitPolicy= (to set exit policy for the created pod) (#25961 and #25596).
• Quadlet .image units now support a new key, Policy=, to set pull policy for the image (e.g. pull always, pull only if newer version available) (#26446).
• Quadlet .network units now support a new key, InterfaceName=, to specify the name of the network interface created.
• The podman machine init command now supports a new option, --swap, enabling swap in the created virtual machine and setting it to a given size (in megabytes) (#15980).
• The --mount option to podman create and podman run now supports dest= as a valid alias for destination=.
• The podman kube play command can now restrict container execution to specific CPU cores and specific memory nodes using the io.podman.annotations.cpuset/$ctrname and io.podman.annotations.memory-nodes/$ctrname annotations (#26172).
• The podman kube play command now supports the lifecycle.stopSignal field in Pod YAML, allowing the signal used to stop containers to be specified (#25389).
• The podman artifact suite of commands for interacting with OCI artifacts is now available in the remote Podman client and the bindings for the REST API.
• The podman volume import and podman volume export commands are now available in the remote Podman client (#26049).
• The --build-context option to podman build is now supported by the remote Podman client (#23433).
• The podman volume create command now accepts two new options, --uid and --gid, to set the UID and GID the volume will be created with.
• The podman secret create command now has a new option, --ignore, causing the command to succeed even if a secret with the given name already exists.
• The podman pull command now has a new option, --policy, to configure pull policy.
• The --mount type=artifact option to podman create, podman run, and podman pod create now allows the filename of the artifact in the container to be set using the name= option (e.g. podman run --mount type=artifact,name=$NAME,...).
• The --tmpfs option to podman create and podman run now allows a new option, noatime, to be passed (e.g. podman run --tmpfs /run:noatime ...) (#26102).
• The podman update command now has a new option, --latest, to update the latest container instead of specifying a specific container (#26380).
• A new command, podman buildx inspect, has been added to improve Docker compatibility (#13014).

Changes

• The podman artifact suite of commands for interacting with OCI artifacts is now considered stable.
• For users running podman machine VMs using the libkrun provider on an M3 or newer host running macOS 15+, nested virtualization is enabled by default.
• When creating podman machine VMs on Windows using the WSL v2 provider, images are now pulled as artifacts from quay.io/podman/machine-os, matching the behavior of other VM providers.
• Signal forwarding done by the --sig-proxy option to podman run and podman attach is now more robust to races and no longer forwards the SIGSTOP signal.
• The podman system check --quick command now skips checking layer digests.
• Podman on Windows using the WSLv2 provider now prefers the WSL executable in C:\Program Files\Windows Subsystem for Linux\wsl.exe over the one in WindowsApps, avoiding common “access denied” issues (#25787).
• The --mount type=artifact option to podman create, podman run, and podman pod create now mounts artifacts containing a only a single blob as a file at the given destination path if the path does not exist in the image.
• The podman volume export command now refuses to export to STDOUT if it is a TTY (#26506).
• When generating Quadlet units with options known to be problematic when used with Podman, such as User=, Group=, and DynamicUser= in the [Service] section of a unit, Quadlet will now warn the user of the potential incompatibility (#26543).

Bugfixes

• Fixed a bug where the --security-opt unmask= option to podman create and podman run did not allow comma-separated lists of paths to be passed, instead only allowing a single path.
• Fixed a bug where stopping a Podman container could unintentionally kill non-Podman processes if the PID of an exec session started inside the container was reused for a new process while the container was running (#25104).
• Fixed a bug where podman machine init could fail if run in a Podman container (#25950).
• Fixed a bug where podman machine VMs would sometimes receive incorrect timezone information.
• Fixed a bug where podman machine VMs created with a custom username would not have lingering enabled.
• Fixed a bug where the podman machine init command on Windows when using the WSL 2 provider did not reliably determine if WSL was installed (#25523).
• Fixed a bug where the name of Quadlet .pod units that did not specify the PodName= key was set incorrectly (#26062).
• Fixed a bug where Quadlet .container units joining a pod specified in a .pod unit would fail as the pod name was set incorrectly when creating the container (#26105).
• Fixed a bug where Quadlet would not generate RequiresMountsFor when mounting a .volume unit with Type=bind set into a container (#26125).
• Fixed a bug where Quadlet dropin files were not correctly overwritten by new dropin files with the same name further along the hierarchy if the two dropin files did not share a parent directory (#26555).
• Fixed a bug where Quadlet would sometimes not print warnings when failing to parse units (#26542).
• Fixed a bug where Quadlet .pod files did not include the last Environment= key in the [Service] section in the generated systemd service (#26521).
• Fixed a bug where starting a container with already-running dependencies would fail.
• Fixed a bug where OCI hooks in a directory specified with --hooks-dir would fail to run when containers were restarted (#17935).
• Fixed a bug where the --mount option to podman create and podman run required the type= option to be specified, instead of defaulting to volume when it was not present (#26101).
• Fixed a bug where the podman kube play command would fail on Windows when specifying an absolute path to YAML files (#26350).
• Fixed a bug where the --security-opt seccomp= option to podman create, podman run, and podman pod create could error on Windows when given a path to a Seccomp profile (#26558).
• Fixed a bug where the --blkio-weight-device, --device-read-bps, --device-write-bps, --device-read-iops, and --device-write-iops options to podman create and podman run incorrectly accepted non-block devices.
• Fixed a bug where the podman build command handled the --ignorefile option differently from the buildah bud command (#25746).
• Fixed a bug where the podman rm -f command could return an error when trying to remove a running container whose conmon process had been killed (#26640).
• Fixed a bug where the podman inspect command did not correctly display log size for containers when log_size_max was set in containers.conf.

API

• A full set of API endpoints for interacting with artifacts has been added, including inspecting artifacts (GET /libpod/artifacts/{name}/json), listing all artifacts (GET /libpod/artifacts/json), pulling an artifact (POST /libpod/artifacts/pull), removing an artifact (DELETE /libpod/artifacts/{name}), adding an artifact (or appending to an existing artifact) from a tar file in the request body (POST /libpod/artifacts/add), pushing an artifact to a registry (/libpod/artifacts/{name}/push), and retrieving the contents of an ar...

v5.6.0-RC1

Features

• A new set of commands for managing Quadlets has been added as podman quadlet install (install a new Quadlet for the current user), podman quadlet list (list installed Quadlets), podman quadlet print (print the contents of a Quadlet file), and podman quadlet rm (remove a Quadlet). These commands are presently not available with the remote Podman client - we expect support for this to arrive in a future release.
• Quadlet .container units can now specify environment variables without values in the Environment= key, retrieving the value from the host when the container is started (#26247).
• Quadlet .pod units now support two new keys, Label= (to set labels on the created pod) and ExitPolicy= (to set exit policy for the created pod) (#25961 and #25596).
• Quadlet .image units now support a new key, Policy=, to set pull policy for the image (e.g. pull always, pull only if newer version available) (#26446).
• Quadlet .network units now support a new key, InterfaceName=, to specify the name of the network interface created.
• The podman machine init command now supports a new option, --swap, enabling swap in the created virtual machine and setting it to a given size (in megabytes) (#15980).
• The --mount option to podman create and podman run now supports dest= as a valid alias for destination=.
• The podman kube play command can now restrict container execution to specific CPU cores and specific memory nodes using the io.podman.annotations.cpuset/$ctrname and io.podman.annotations.memory-nodes/$ctrname annotations (#26172).
• The podman kube play command now supports the lifecycle.stopSignal field in Pod YAML, allowing the signal used to stop containers to be specified (#25389).
• The podman volume import and podman volume export commands are now available in the remote Podman client (#26049).
• The --build-context option to podman build is now supported by the remote Podman client (#23433).
• The podman volume create command now accepts two new options, --uid and --gid, to set the UID and GID the volume will be created with.
• The podman secret create command now has a new option, --ignore, causing the command to succeed even if a secret with the given name already exists.
• The podman pull command now has a new option, --policy, to configure pull policy.
• The --mount type=artifact option to podman create, podman run, and podman pod create now allows the filename of the artifact in the container to be set using the name= option (e.g. podman run --mount type=artifact,name=$NAME,...).
• The --tmpfs option to podman create and podman run now allows a new option, noatime, to be passed (e.g. podman run --tmpfs /run:noatime ...) (#26102).
• The podman update command now has a new option, --latest, to update the latest container instead of specifying a specific container (#26380).
• A new command, podman buildx inspect, has been added to improve Docker compatibility (#13014).

Changes

• For users running podman machine VMs using the libkrun provider on an M3 or newer host running macOS 15+, nested virtualization is enabled by default.
• When creating podman machine VMs on Windows using the WSL v2 provider, images are now pulled as artifacts from quay.io/podman/machine-os, matching the behavior of other VM providers.
• Signal forwarding done by the --sig-proxy option to podman run and podman attach is now more robust to races and no longer forwards the SIGSTOP signal.
• The podman system check --quick command now skips checking layer digests.
• Podman on Windows using the WSLv2 provider now prefers the WSL executable in C:\Program Files\Windows Subsystem for Linux\wsl.exe over the one in WindowsApps, avoiding common “access denied” issues (#25787).
• The --mount type=artifact option to podman create, podman run, and podman pod create now mounts artifacts containing a only a single blob as a file at the given destination path if the path does not exist in the image.
• The podman volume export command now refuses to export to STDOUT if it is a TTY (#26506).
• When generating Quadlet units with options known to be problematic when used with Podman, such as User=, Group=, and DynamicUser= in the [Service] section of a unit, Quadlet will now warn the user of the potential incompatibility (#26543).

Bugfixes

• Fixed a bug where the --security-opt unmask= option to podman create and podman run did not allow comma-separated lists of paths to be passed, instead only allowing a single path.
• Fixed a bug where stopping a Podman container could unintentionally kill non-Podman processes if the PID of an exec session started inside the container was reused for a new process while the container was running (#25104).
• Fixed a bug where podman machine init could fail if run in a Podman container (#25950).
• Fixed a bug where podman machine VMs would sometimes receive incorrect timezone information.
• Fixed a bug where podman machine VMs created with a custom username would not have lingering enabled.
• Fixed a bug where the podman machine init command on Windows when using the WSL 2 provider did not reliably determine if WSL was installed (#25523).
• Fixed a bug where the name of Quadlet .pod units that did not specify the PodName= key was set incorrectly (#26062).
• Fixed a bug where Quadlet .container units joining a pod specified in a .pod unit would fail as the pod name was set incorrectly when creating the container (#26105).
• Fixed a bug where Quadlet would not generate RequiresMountsFor when mounting a .volume unit with Type=bind set into a container (#26125).
• Fixed a bug where Quadlet dropin files were not correctly overwritten by new dropin files with the same name further along the hierarchy if the two dropin files did not share a parent directory (#26555).
• Fixed a bug where Quadlet would sometimes not print warnings when failing to parse units (#26542).
• Fixed a bug where Quadlet .pod files did not include the last Environment= key in the [Service] section in the generated systemd service (#26521).
• Fixed a bug where starting a container with already-running dependencies would fail.
• Fixed a bug where OCI hooks in a directory specified with --hooks-dir would fail to run when containers were restarted (#17935).
• Fixed a bug where the --mount option to podman create and podman run required the type= option to be specified, instead of defaulting to volume when it was not present (#26101).
• Fixed a bug where the podman kube play command would fail on Windows when specifying an absolute path to YAML files (#26350).
• Fixed a bug where the --security-opt seccomp= option to podman create, podman run, and podman pod create could error on Windows when given a path to a Seccomp profile (#26558).
• Fixed a bug where the --blkio-weight-device, --device-read-bps, --device-write-bps, --device-read-iops, and --device-write-iops options to podman create and podman run incorrectly accepted non-block devices.
• Fixed a bug where the podman build command handled the --ignorefile option differently from the buildah bud command (#25746).
• Fixed a bug where the podman rm -f command could return an error when trying to remove a running container whose conmon process had been killed (#26640).
• Fixed a bug where the podman inspect command did not correctly display log size for containers when log_size_max was set in containers.conf.

API

• A full set of API endpoints for interacting with artifacts has been added, including inspecting artifacts (GET /libpod/artifacts/{name}/json), listing all artifacts (GET /libpod/artifacts/json), pulling an artifact (POST /libpod/artifacts/pull), removing an artifact (DELETE /libpod/artifacts/{name}), adding an artifact (or appending to an existing artifact) from a tar file in the request body (POST /libpod/artifacts/add), pushing an artifact to a registry (/libpod/artifacts/{name}/push), and retrieving the contents of an artifact (GET /libpod/artifacts/{name}/extract).
• The Compat Create endpoint for Containers now accepts a new parameter, HostConfig.CgroupnsMode, to specify the cgroup namespace mode of the created container.
• The Compat Create endpoint for Containers now ...

v5.5.2

Security

• This release addresses CVE-2025-6032, in which the TLS connection used to pull VM images for podman machine was, by default, not validated, allowing connections to servers with invalid certificates by default and potentially allowing a Man in the Middle attack.

Bugfixes

• Fixed a bug where Podman could panic after a reboot on systems with pods containing containers (#26469).

v5.5.1

Bugfixes

• Fixed a bug where containers mounting a volume to / could overmount important directories such as /proc causing start and/or runtime failures due to an issue with mount ordering (#26161).
• Fixed a bug where Quadlet .pod units could fail to start due to their storage not being mounted (#26190).
• Fixed a bug where containers joined to a network with DNS enabled would not include the host's search domains in their resolv.conf (#24713).
• Fixed a bug where the --dns-opt option to podman create, podman run, and podman pod create would append options to the container's resolv.conf, instead of replacing them (#22399).
• Fixed a bug where the podman kube play command would add an empty network alias for containers created with no name specified, causing Netavark to emit extraneous warnings.
• Fixed a bug where the podman system df command would panic when one or more containers were created using a root filesystem (the --rootfs option to podman create and podman run) instead of from an image (#26224).
• Fixed a bug where the log_tag field in containers.conf would override the --log-opt tag=value option to podman create and podman run (#26236).
• Fixed a bug where the podman volume rm and podman volume inspect commands would incorrectly handle volume names containing the _ character when the SQLite database backend was in use (#26168).
• Fixed a bug where the Podman remote client on Windows was unable to mount local folders into containers using overlay mounts (-v source:destination:O) (#25988).

API

• Fixed a bug in the Libpod Create API for Containers where rlimits specified with a value of -1 were causing errors, instead of being interpreted as the maximum possible value (#24886).
• Fixed a bug in the Compat Create API for Containers where specifying an entrypoint of [] (an empty array) was ignored, instead of setting an empty entrypoint (#26078).

Misc

• Updated Buildah to v1.40.1
• Updated the containers/common library to v0.63.1