What Is New in Podman 4.7
Podman 4.7 delivers a significant update focused on enhancing container management, security, and networking capabilities. This release introduces new features, critical improvements, and resolves a number of bugs to provide a more robust experience.
| Category | Key Highlights |
|---|---|
| New Features | Native Docker Compose support, New `podman events` options, Container checkpoint/restore on FreeBSD |
| Improvements | Enhanced `podman machine` for macOS, Better container cleanup, Improved Quadlet functionality |
| Bug Fixes | Resolved issues with image handling, networking, and the REST API |
| Security | Updates to address multiple CVEs, including those in containers/storage and containers/image |
| Deprecations | Deprecation of the `podman-remote` binary name on Windows |
What are the major new features in Podman 4.7?
The headline feature is the stable implementation of native Docker Compose support. You can now run `podman compose` directly without an external binary. This matters most to developers migrating from Docker who rely on compose files.
The `podman events` command gets new filtering options (`--until` and `--since`), making it much easier to query the event log for specific timeframes. For FreeBSD users, the container checkpoint and restore feature has finally landed, bringing it on par with Linux.
How has Podman Machine for macOS improved?
The `podman machine` experience on macOS has been refined. You can now specify a different primary disk size during VM initialization using the `--disk-size` flag, giving you more control over your development environment's resources from the start.
Under the hood, the default mount type for directory sharing has been switched to virtiofs, which generally offers better performance compared to the previous 9p implementation. This means your volume mounts should feel snappier.
What networking changes should I be aware of?
A notable change is the new default behavior for port forwarding on the rootless network stack (`slirp4netns`). The default port forwarding range is now set to 0, which allows mapping to any available privileged port (below 1024).
This simplifies exposing standard ports from rootless containers. The `podman network reload` command now also supports the `--all` flag, allowing you to reload the network configuration for every running container at once.
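A defender-side check for the port-forwarding change described above, as an added example that is not part of the original article or of Podman itself: it lists every published host port below 1024 found in `podman ps --format json` output. The JSON field names (`Names`, `Ports`, `host_port`, `range`, `host_ip`, `protocol`) are assumed from that output's usual shape, and the sample data is constructed.

```python
import json

PRIVILEGED_MAX = 1023  # host ports below 1024 are the privileged range

# Constructed sample, shaped like `podman ps --format json` (field names assumed).
SAMPLE_PS_JSON = """
[
  {"Id": "aaa111", "Names": ["web"],
   "Ports": [{"host_ip": "", "container_port": 80, "host_port": 80,
              "range": 1, "protocol": "tcp"}]},
  {"Id": "bbb222", "Names": ["api"],
   "Ports": [{"host_ip": "127.0.0.1", "container_port": 8080,
              "host_port": 8080, "range": 1, "protocol": "tcp"}]},
  {"Id": "ccc333", "Names": ["dns"],
   "Ports": [{"host_ip": "", "container_port": 5300, "host_port": 1020,
              "range": 10, "protocol": "udp"}]},
  {"Id": "ddd444", "Names": ["worker"], "Ports": null}
]
"""


def privileged_bindings(ps_json):
    """Return (name, protocol, first_port, last_port, host_ip) for each
    published host-port range that overlaps the privileged range."""
    findings = []
    for ctr in json.loads(ps_json):
        # Fall back to the container ID when no name is present.
        name = (ctr.get("Names") or [ctr.get("Id", "?")])[0]
        for pm in ctr.get("Ports") or []:  # "Ports" may be null
            first = pm["host_port"]
            last = first + max(pm.get("range", 1), 1) - 1
            if 0 < first <= PRIVILEGED_MAX:
                # Report only the part of the range that is privileged.
                findings.append((name, pm.get("protocol", "tcp"), first,
                                 min(last, PRIVILEGED_MAX),
                                 pm.get("host_ip") or "all interfaces"))
    return findings


if __name__ == "__main__":
    for finding in privileged_bindings(SAMPLE_PS_JSON):
        print("%s publishes %s %d-%d on %s" % finding)
```

To audit a live host, pass the text produced by `podman ps --format json` to `privileged_bindings()` in place of the sample.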
Were there any important security updates?
Yes, this release incorporates fixes for several CVEs found in dependent libraries. The containers/storage and containers/image libraries were updated to address vulnerabilities that could potentially lead to denial-of-service scenarios or other unexpected behavior.
Staying current with this release ensures your container workflows benefit from these security patches. It's a straightforward update that bolsters the overall stability of your runtime.
How does Quadlet make systemd integration easier?
Quadlet continues to evolve as the preferred method for running containers under systemd. Podman 4.7 adds support for automatically using the host's network namespace when `HostNetwork` is set to true in a Quadlet container file.
The release also fixes issues related to environment variable handling and the `Notify` option. In practice, this means your systemd-managed containers behave more predictably and are easier to configure for complex networking needs.
FAQ
Is Docker Compose now fully supported without any extra tools?
Yes. The `podman compose` command is now stable and built directly into the Podman binary. You can run your existing `docker-compose.yaml` files without installing the Docker Compose binary.
I use FreeBSD. What does checkpoint/restore support mean for me?
You can now freeze a running container's state to disk (checkpoint) and resume it later (restore) on the same host. This is useful for live migration, debugging, or saving a precise state.
What happens if I use `podman-remote` on Windows?
The `podman-remote.exe` binary name is now deprecated. You should use the standard `podman.exe` command instead, which automatically operates in remote mode when needed.
How do I filter events by time with the new options?
Use `podman events --since 1h` to see events from the last hour or `podman events --until 2023-10-25` to see events up to a specific date. You can combine both flags for a precise timeframe.
My rootless container needs to bind to port 80. Is that easier now?
Yes. The default change to the rootless port forwarder allows mapping to any privileged port. You can now run `podman run -p 80:80 ...` without needing to adjust any additional range settings.