I wonder if it really makes sense to keep podman in the Ubuntu repositories, at least if it's going to stay in universe? It's the sort of software that people who use it are going rely on being secure and up-to-date, and so far at least it has been quite a fast-moving target.
I'm not normally a big fan of static binaries, but in this instance an 'installer' package which just grabs the latest binaries from github and keeps them up-to-date might make more sense. Alternatively, I wonder whether a snap could be generated? I'm not a fan of the format myself, but I manage to use podman nested with a systemd- nspawn container here, so it seems conceivable that it might also be made to work in a privileged snap (with the assumption that podman itself will protect the host system from the containers it runs.) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971034 Title: Several security issues in libpod 3.4.x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/1971034/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
