Skip to content

v5.8.4

Choose a tag to compare

View all tags
@github-actions github-actions released this 26 Jun 15:37
· 1588 commits to main since this release
v5.8.4
This tag was signed with the committer’s verified signature. The key has expired.
mheon Matt Heon
GPG key ID: 5A0F5FA1CEF5C874
Expired
Verified
Learn about vigilant mode.
5431df2

Security

  • This release addresses CVE-2026-57231, where a malicious image using malformed Env entries could cause host environment variables to leak into containers run based on the image, including the ability to use the * glob operator to leak large numbers of environment variables without knowing their exact names (GHSA-4hq8-gpf5-8p68).
  • The golang.org/x/crypto library has been updated to v0.53.0, addressing CVE-2026-39830 and CVE-2026-42508.

Bugfixes

  • Fixed a bug where the remote Podman client's podman save command would fail on Linux when using the -f oci-dir or -f docker-dir arguments.
Assets 17
Loading