podman - Debian Package Tracker

general

source: podman (main)
version: 5.6.1+ds2-3
maintainer: Debian Go Packaging Team (archive) (DMD)
uploaders: Reinhard Tartler [DMD] – Faidon Liambotis [DMD] – Dmitry Smirnov [DMD]
arch: any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 5.4.2+ds1-2
testing: 5.6.1+ds2-3
unstable: 5.6.1+ds2-3

versioned links

5.4.2+ds1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.6.1+ds2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

podman (8 bugs: 0, 5, 3, 0)
podman-docker
podman-remote

action needed

A new upstream version is available: 5.6.2 high

A new upstream version 5.6.2 is available, you should consider packaging it.

Created: 2025-10-01 Last update: 2025-10-02 08:36

Marked for autoremoval on 05 November due to docker.io: #1115952 high

Version 5.6.1+ds2-3 of podman is marked for autoremoval from testing on Wed 05 Nov 2025. It depends (transitively) on docker.io, affected by #1115952. You should try to prevent the removal by fixing these RC bugs.

Created: 2025-09-29 Last update: 2025-10-02 08:02

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-4953: A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

Created: 2025-09-05 Last update: 2025-09-30 03:04

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-4953: A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

Created: 2025-09-05 Last update: 2025-09-30 03:04

7 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 2944def9a5cfb23a6820dbfc83fbe3c26886b0e4
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu Sep 25 05:45:39 2025 -0400

    debian/changelog: update

commit 3f79d40ce22abf13ae65f6fc9cb35c9af881b4a7
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu Sep 25 05:47:11 2025 -0400

    debian/README.Debian: remove duplicate 'get'

commit 868803721fcbe03fe6b5b9ba8e4abb6483f258f6
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Wed Sep 24 19:55:32 2025 -0400

    Add a NEWS entry for breaking changes in version 5.2.0

commit 76f4816087043d6a8ae9b6cc76364cba38f5aa5b
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Wed Sep 24 19:52:13 2025 -0400

    Add a NEWS entry for breaking changes in version 5.0.0, Closes: #1115347

commit 1a8ad05ead789400348adc7a1911c22d87e37dc7
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Mon Sep 22 05:36:29 2025 -0400

    debian/changelog: update

commit 8d9552951bb153357d9f6b882367fba2c48867b5
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Mon Sep 22 05:50:38 2025 -0400

    podman: remove libpod.conf, 87-podman-bridge.conflist on upgrade

commit c5b62554a60f4d62aa7a2bb715e568042bf759aa
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Mon Sep 22 05:23:07 2025 -0400

    integration-tests-rootful: Fix missing $SUDO substitution

https://salsa.debian.org/api/v4/projects/go-team%2Fpackages%2Fpodman/pipelines?scope=finished&per_page=1 API request failed: 403 Forbidden at /srv/qa.debian.org/data/vcswatch/vcswatch line 431.

Created: 2025-09-22 Last update: 2025-09-27 22:30

2 low-priority security issues in trixie low

There are 2 open security issues in trixie.

2 issues left for the package maintainer to handle:

CVE-2025-4953: (needs triaging) A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.
CVE-2025-9566: (needs triaging) There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-09-05 Last update: 2025-09-30 03:04

debian/patches: 2 patches to forward upstream low

Among the 6 debian patches available in version 5.6.1+ds2-3 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2024-09-17 Last update: 2025-09-28 10:33

testing migrations

This package will soon be part of the auto-gpgme1.0 transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2025-09-30] podman 5.6.1+ds2-3 MIGRATED to testing (Debian testing watch)
[2025-09-28] podman 5.6.1+ds2-2 MIGRATED to testing (Debian testing watch)
[2025-09-27] Accepted podman 5.6.1+ds2-3 (source) into unstable (Reinhard Tartler)
[2025-09-21] Accepted podman 5.6.1+ds2-2 (source) into unstable (Reinhard Tartler)
[2025-09-21] Accepted podman 5.6.1+ds1-2 (source) into unstable (Reinhard Tartler)
[2025-09-10] Accepted podman 5.6.1+ds1-1 (source) into experimental (Reinhard Tartler)
[2025-07-14] podman 5.4.2+ds1-2 MIGRATED to testing (Debian testing watch)
[2025-07-08] Accepted podman 5.4.2+ds1-2 (source) into unstable (Mathias Gibbens)
[2025-04-08] podman 5.4.2+ds1-1 MIGRATED to testing (Debian testing watch)
[2025-04-05] Accepted podman 5.4.2+ds1-1 (source) into unstable (Reinhard Tartler)
[2025-04-04] podman 5.4.1+ds1-3 MIGRATED to testing (Debian testing watch)
[2025-04-01] Accepted podman 5.4.1+ds1-3 (source) into unstable (Reinhard Tartler)
[2025-03-30] podman 5.4.1+ds1-2 MIGRATED to testing (Debian testing watch)
[2025-03-27] Accepted podman 5.4.1+ds1-2 (source) into unstable (Reinhard Tartler)
[2025-03-27] podman 5.4.1+ds1-1 MIGRATED to testing (Debian testing watch)
[2025-03-20] Accepted podman 5.4.1+ds1-1 (source) into unstable (Reinhard Tartler)
[2025-03-08] podman 5.4.0+ds1-1 MIGRATED to testing (Debian testing watch)
[2025-02-16] Accepted podman 5.4.0+ds1-1 (source) into unstable (Reinhard Tartler)
[2025-01-30] podman 5.3.2+ds1-1 MIGRATED to testing (Debian testing watch)
[2025-01-27] Accepted podman 5.3.2+ds1-1 (source) into unstable (Reinhard Tartler)
[2024-12-13] podman 5.3.1+ds1-7 MIGRATED to testing (Debian testing watch)
[2024-12-10] Accepted podman 5.3.1+ds1-7 (source) into unstable (Reinhard Tartler)
[2024-12-09] podman 5.3.1+ds1-6 MIGRATED to testing (Debian testing watch)
[2024-12-06] Accepted podman 5.3.1+ds1-6 (source) into unstable (Reinhard Tartler)
[2024-12-06] podman 5.3.1+ds1-4 MIGRATED to testing (Debian testing watch)
[2024-12-05] Accepted podman 5.3.1+ds1-5 (source) into unstable (Reinhard Tartler)
[2024-12-02] Accepted podman 5.3.1+ds1-4 (source) into unstable (Reinhard Tartler)
[2024-12-01] Accepted podman 5.3.1+ds1-3 (source) into unstable (Reinhard Tartler)
[2024-12-01] podman 5.3.1+ds1-1 MIGRATED to testing (Debian testing watch)
[2024-12-01] Accepted podman 5.3.1+ds1-2 (source) into unstable (Reinhard Tartler)

bugs [bug history graph]

all: 7 8
RC: 0
I&N: 5
M&W: 2 3
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.4.2+ds1-2
1 bug