Podman 5.7: What's New, Release History & EOL Status

5.7.1

Latest release in branch 5.7
Released 1 year ago (October 20, 2024)

Software	Podman
Branch	5.7
First official release version	5.7.0
First official release date	1 year ago (October 10, 2024)
Release notes	https://github.com/containers/podman/releases/tag/v5.7.0
Source code	https://github.com/containers/podman
Documentation	https://podman.io/docs/
Download	https://podman.io/docs/installation
Podman 5.7 Releases	View full list

What is new in Podman 5.7

Podman 5.7 delivers important security fixes and practical enhancements for remote usage, Kubernetes workflows, Quadlet management, and artifact handling. A major security update addresses a container escape vulnerability, while new TLS support strengthens remote client connections. This version also improves performance when working with Podman machines and adds several convenient options for daily container operations.

From my experience running Podman in large production environments, these changes make remote management and systemd integration noticeably smoother and more secure.

Security Improvements in Podman 5.7

Podman 5.7 includes a critical security fix for CVE-2025-52881. This update prevents arbitrary write gadgets and procfs write redirects that could allow a container escape or denial of service when using runc.

All users should upgrade to benefit from this protection, especially those running containers with untrusted images or in multi-tenant environments.

Key Features and Enhancements

Area	Description
Remote Client & Service	Added full TLS and mTLS support for encrypted connections. The `podman system connection add` command now supports secure TCP sockets with certificate-based client authentication.
Image Pull	New `--creds` and `--cert-dir` options for `podman run` and `podman create` to simplify registry authentication.
Kubernetes Support	`podman kube play` and `podman kube down` now accept multiple YAML files at once. New `--no-pod-prefix` option disables automatic pod name prefixing for containers.
Podman Machine	`podman machine init` adds `--tls-verify` option. Loading images or building inside a VM is faster when source paths are already shared into the VM.
Artifact Management	Extended support with `--replace`, `--ignore`, multiple arguments for remove, creation timestamps, and custom formatting options.

Quadlet Improvements

Quadlet support continues to mature in Podman 5.7 with several useful additions:

New .artifact unit type for managing OCI artifacts.
HttpProxy key in .container files to control proxy forwarding.
StopTimeout key in .pod files.
New keys in .build files: BuildArg and IgnoreFile.
Support for multiple YAML files in a single .kube unit.
Templated dependencies for volumes and networks.
podman quadlet install --replace and new alias podman quadlet cat for podman quadlet print.

Other Notable Changes

Podman 5.7 prepares for future database changes by showing a warning when the deprecated BoltDB backend is in use. You can suppress this warning by setting the environment variable SUPPRESS_BOLTDB_WARNING=true.

Additional improvements include:

Default log path for the k8s-file driver configurable in containers.conf.
Default OCI runtime flags via runtimes_flags in configuration.
podman wait --return-on-first to stop waiting after the first container meets the condition.
podman container restore --tcp-close for containers with active TCP connections.
Better shell completion for --sysctl and network interface names.

Bug Fixes in Podman 5.7

This release fixes several issues that improve reliability:

Fixed --filter ancestor= in podman ps to support substring matching.
Corrected label filtering in podman events.
Prevented data loss at the start of attach sessions in the remote client.
Fixed podman build ignoring some SBOM options.
Resolved issues with user namespace and runc 1.1.11+ when using --userns=ns:/path.
Improved handling of mounts without a source in Quadlet files.
Fixed podman info panic related to binfmt_misc.

Dependency Updates

Component	Version in Podman 5.7
Go	1.24 (minimum required)
Buildah	Updated to latest compatible version
containers/common	Updated

Frequently Asked Questions about Podman 5.7

What is the most important reason to upgrade to Podman 5.7?

The security fix for CVE-2025-52881 and the new TLS/mTLS support for remote connections make this a valuable upgrade for secure and remote deployments.

Does Podman 5.7 support multiple Kubernetes files in one command?

Yes. Both podman kube play and podman kube down now accept multiple files, making it easier to manage complex deployments.

Is the BoltDB warning in Podman 5.7 something I need to act on immediately?

It is a heads-up for the upcoming removal in Podman 6.0. Most users can continue as normal, but plan to migrate to SQLite in a future release.

Can I use new Quadlet features without changing my existing units?

Yes. All new keys and options are optional. Existing Quadlet files will continue to work without modification.

Summary of Podman 5.7

Podman 5.7 strengthens security, enhances remote and Kubernetes workflows, and extends Quadlet and artifact capabilities. These updates, paired with many stability fixes, make it a solid choice for both development and production container environments.

Releases In Branch 5.7

Version	Release date
5.7.1	1 year ago (October 20, 2024)
5.7.0	1 year ago (October 10, 2024)
5.7.0-rc1	1 year ago (October 05, 2024)