Podman

Security
- This release addresses a number of Buildkit vulnerabilities including but not limited to: [CVE-2024-23651](https://github.com/advisories/GHSA-m3r6-h7wv-7xxv), [CVE-2024-23652](https://github.com/advisories/GHSA-4v98-7qmw-rqr8), and [CVE-2024-23653](https://github.com/advisories/GHSA-wr6v-9f75-vh2g).

Misc
- Updated Buildah to v1.33.5
- Updated the containers/common library to v0.57.4

Bugfixes
- Fixed a bug where the `--rootful` option to `podman machine set` would not set the machine to use the root connection ([21195](https://github.com/containers/podman/issues/21195)).
- Fixed a bug where podman would crash when running in a containerized environment with `euid != 0` and capabilities set ([20766](https://github.com/containers/podman/issues/20766)).
- Fixed a bug where the `podman info` command would crash on if called multiple times when podman was running as `euid=0` without `CAP_SYS_ADMIN` ([20908](https://github.com/containers/podman/issues/20908)).
- Fixed a bug where `podman machine` commands were not relayed to the correct machine on AppleHV ([21115](https://github.com/containers/podman/issues/21115)).
- Fixed a bug where the `podman machine list` and `podman machine inspect` commands would not show the correct `Last Up` time on AppleHV ([21244](https://github.com/containers/podman/issues/21244)).

Misc
- Updated the Mac pkginstaller QEMU to v8.2.1
- Updated Buildah to v1.33.4
- Updated the containers/image library to v5.29.2
- Updated the containers/common library to v0.57.3

Features
- The `podman farm` suite of commands for multi-architecture builds is now fully enabled and documented.
- Add a network recovery service to Podman Machine VMs using the QEMU backend to detect and recover from an inoperable host networking issues experienced by Mac users when running for long periods of time.

Bugfixes
- Fixed a bug where the HyperV provider for `podman machine` did not forward the API socket to the host machine.
- Fixed a bug where improperly formatted annotations passed to `podman kube play` could cause Podman to panic.
- Fixed a bug where `podman system reset` could fail if non-Podman containers (e.g. containers created by Buildah) were present.

Misc
- Containers run in `podman machine` VMs now default to a PID limit of unlimited, instead of 2048.

Security
- Fixed [GHSA-45x7-px36-x8w8](https://github.com/advisories/GHSA-45x7-px36-x8w8): CVE-2023-48795 by vendoring golang.org/x/crypto v0.17.0.

Bugfixes
- Fixed a bug in the MacOS pkginstaller where Podman machine was using a different QEMU binary than the one installed using the installer, if it existed on the system ([20808](https://github.com/containers/podman/issues/20808)).
- Fixed a bug on Windows (WSL) with the first-time install of user-mode networking when using the init command, as opposed to set ([20921](https://github.com/containers/podman/issues/20921)).

Quadlet
- Fixed a bug where Kube image build failed when starting service with missing image ([20432](https://github.com/containers/podman/issues/20432)).

Bugfixes
- Fixed a bug on Windows (WSL) where wsl.conf/resolv.conf was not restored when user-mode networking was disabled after being enabled ([20625](https://github.com/containers/podman/issues/20625)).
- Fixed a bug where currently if user specifies `podman kube play --replace`, the pod is removed on the client side, not the server side ([20705](https://github.com/containers/podman/discussions/20705)).
- Fixed a bug where `podman machine rm -f` would cause a deadlock when running with WSL.
- Fixed `database is locked` errors with the new sqlite database backend ([20809](https://github.com/containers/podman/issues/20809)).
- Fixed a bug where `podman-remote exec` would fail if the server API version is older than 4.8.0 ([20821](https://github.com/containers/podman/issues/20821)).
- Fixed a bug where Podman would not run any command on systems with a symlinked $HOME ([20872](https://github.com/containers/podman/issues/20872)).