chore(deps): update quay.io/containers/podman docker tag to v4.4.2 (!548) · Merge requests · Shivering-Isles / Infrastructure GitOps

This MR contains the following updates:

Package	Type	Update	Change
quay.io/containers/podman	image-name	patch	`v4.4.1` -> `v4.4.2`

containers/podman

This release fixes CVE-2023-0778, which allowed a malicious user to potentially replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

Fixed a bug where containers started via the podman-kube systemd template would always use the "passthrough" log driver (#17482).
Fixed a bug where pulls would unexpectedly encounter an EOF error. Now, Podman automatically transparently resumes aborted pull connections.
Fixed a race condition in Podman's signal proxy.

Added the podman-systemd.unit man page, which can also be displayed using man quadlet (#17349).
Documented journald identifiers used in the journald backend for the podman events command.
Dropped the CAP_CHROOT, CAP_AUDIT_WRITE, CAP_MKNOD, CAP_MKNOD default capabilities.

Fixed a bug where the default handling of pids-limit was incorrect.
Fixed a bug where parallel calls to make docs crashed (#17322).
Fixed a regression in the podman kube play command where existing resources got mistakenly removed.

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.

chore(deps): update quay.io/containers/podman docker tag to v4.4.2