Skip to content

v4.4.3

Compare
Choose a tag to compare
@ashley-cui ashley-cui released this 23 Mar 18:45
· 6443 commits to main since this release
v4.4.3
d2f93d6

Security

  • This release fixes CVE-2022-41723, a vulnerability in the golang.org/x/net package where a maliciously crafted HTTP/2 stream could cause excessive CPU consumption, sufficient to cause a denial of service.

Changes

  • Added SYS_CHROOT back to the default set of capabilities.

Bugfixes

  • Fixed a bug where quadlet would not use the default runtime set.
  • Fixed a bug where podman system service --log-level=trace did not hijack the client connection, causing remote podman run/attach calls to work incorrectly (#17749).
  • Fixed a bug where the podman-mac-helper returned an incorrect exit code after erroring. podman-mac-helper now exits with 1 on error (#17785).
  • Fixed a bug where podman run --dns ... --network would not respect the dns option. Podman will no longer add host nameservers to resolv.conf when aardvark-dns is used (#17499).
  • Fixed a bug where podman logs errored out with the passthrough driver when the container was run from a systemd service.
  • Fixed a bug where --health-on-failure=restart would not restart the container when the health state turned unhealthy (#17777).
  • Fixed a bug where podman machine VMs could have their system time drift behind real time. New machines will no longer be affected by this (#11541).

API

  • Fixed a bug where creating a network with the Compat API would return an incorrect status code. The API call now returns 409 when creating a network with an existing name and when CheckDuplicate is set to true (#17585).
  • Fixed a bug in the /auth REST API where logging into Docker Hub would fail (#17571).

Misc

  • Updated the containers/common library to v0.51.1
  • Updated the Mac pkginstaller QEMU to v7.2.0