winget install --id RedHat.PodmanAbout Podman
Podman is a daemonless, open source, Linux native tool designed to make it easy to find, run, build, share and deploy applications using Open Containers Initiative (OCI) Containers and Container Images. Podman provides a command line interface (CLI) familiar to anyone who has used the Docker Container Engine. Most users can simply alias Docker to Podman (alias docker=podman) without any problems. Similar to other common Container Engines (Docker, CRI-O, containerd), Podman relies on an OCI compliant Container Runti...
What's new in 5.8.2
Security - This release addresses CVE-2026-33414, where the podman machine init --image command when run on Windows using the Hyper-V backend can run Powershell-escaped commands from the user-specified image path on in a Powershell session on the host (GHSA-hc8w-h2mf-hp59). Bugfixes - Fixed a bug where containers with the unless-stopped restart policy would not restart after a reboot when podman-restart.service was enabled (#28152). - Fixed a bug where setting Entrypoint="" in a Quadlet .container file did not clear the container's entrypoint (#28213). - Fixed a bug where setting a HealthCmd in a Quadlet .container file to a command that included double-quotes (") would result in a nonfunctional healthcheck due to a parsing issue (#28409). - Fixed a bug where FreeBSD systems could panic when inspecting containers created with the host network mode (#28289). API - Fixed a bug where the Libpod System Check endpoint could perform operations with bad data after returning a 400 error (#28350). - Fixed a bug where the remote attach API for containers (Libpod & Compat) could panic due to a rare race condition (#28277). - Fixed a bug where the Secret Create API could not create functional secrets using the shell driver due to options from the default driver being improperly added. Misc - Updated Buildah to v1.43.1 - Updated the containers/common library to v0.67.1 - Updated the containers/image library to v5.39.2
Version history
| Version | Updated | Notes |
|---|---|---|
| 5.8.2 | Unknown | Security - This release addresses CVE-2026-33414, where the podman machine init --image command when run on Windows using the Hyper-V backend can run Powershell-escaped commands from the user-specified image path on in a... |
| 5.8.1 | Unknown | Bugfixes - Fixed a critical bug where automatic migration from BoltDB to SQLite after a reboot could perform a partial migration, with some containers in SQLite and some remaining in BoltDB, when Quadlets were in use (#2... |
| 5.8.0 | Unknown | Features - The podman quadlet install command can now install files which contain multiple separate Quadlet files. The files must be separated with a --- delimeter on a new line, and each section must begin with a # File... |
| 5.7.1 | Unknown | Bugfixes - Fixed a bug where adding devices to emulated Linux containers on FreeBSD did not work. - Fixed a bug where the podman system migrate command could panic under certain circumstances when run rootless. - Fixed a... |
| 5.7.0 | Unknown | Security - This release addresses CVE-2025-52881, where arbitrary write gadgets and procfs write redirects allowed runc container escape and denial of service. Features - The remote Podman client and podman system servic... |
| 5.6.2 | Unknown | Bugfixes - Fixed a bug where stopping the podman machine start command with SIGPIPE could result in machine state being stuck as "Starting" (#26949). - Fixed a bug where podman build would fail with a permissions error w... |
| 5.6.1 | Unknown | Security - This release addresses CVE-2025-9566, where Kubernetes YAML run by podman play kube containing ConfigMap and Secret volumes can use crafted symlinks to overwrite content on the host. Bugfixes - Fixed a bug whe... |
| 5.6.0 | Unknown | Release notes |
| 5.5.2 | Unknown | Security - This release addresses CVE-2025-6032, in which the TLS connection used to pull VM images for podman machine was, by default, not validated, allowing connections to servers with invalid certificates by default... |
| 5.5.1 | Unknown | Bugfixes - Fixed a bug where containers mounting a volume to / could overmount important directories such as /proc causing start and/or runtime failures due to an issue with mount ordering (#26161). - Fixed a bug where Q... |
| 5.5.0 | Unknown | Features - A new command has been added, podman machine cp, to copy files into a running podman machine VM. - A new command has been added, podman artifact extract, to copy some or all of the contents of an OCI artifact... |
| 5.4.2 | Unknown | Bugfixes - Fixed a bug where the podman import command could not import images compressed with algorithms other than gzip (#25593). - Fixed a bug where the podman cp command could deadlock when copying into a non-empty v... |
| 5.4.1 | Unknown | Bugfixes - Fixed a bug where volume quotas were not being applied (#25368). - Fixed a bug where the --pid-limit=-1 option did not function properly with containers using the runc OCI runtime. - Fixed a bug where the podm... |
| 5.4.0 | Unknown | Features - A preview of Podman's support for OCI artifacts has been added through the podman artifact suite of commands, including add, inspect, ls, pull, push, and rm. This support is very early and not fully complete,... |
| 5.3.2 | Unknown | Security - This release contains Buildah v1.38.1 which addresses CVE-2024-11218 Bugfixes - Fixed a bug where Quadlet .build files could create an invalid podman command line when Pull= was used (#24599). - Fixed a bug wh... |
| 5.3.1 | Unknown | - Fixed a bug where the --ignition-path option to podman machine init would prevent creation of necessary files for the VM, rendering it unusable (#23544). - Fixed a bug where rootless containers using the bridge network... |
| 5.3.0 | Unknown | Release notes |
| 5.2.5 | Unknown | Security - This release addresses CVE-2024-9675, which allows arbitrary access to the host filesystem from RUN --mount type=cache arguments to a Dockerfile being built. - This release also addresses CVE-2024-9676, which... |
| 5.2.4 | Unknown | Security - This release addresses CVE-2024-9407, which allows arbitrary access to the host filesystem from RUN --mount arguments to a Dockerfile being built. - This release also addresses CVE-2024-9341, allowing the moun... |
| 5.2.3 | Unknown | Bugfixes - Fixed a bug that could cause network namespaces to fail to unmount, resulting in Podman commands hanging. - Fixed a bug where Podman could not run images which included SCTP exposed ports. - Fixed a bug where... |