USN-4653-2: containerd vulnerability

Details

USN-4653-1 fixed a vulnerability in containerd. Unfortunately, those containerd packages introduced a regression in docker.io and the update was reverted. This update addresses the docker.io issue and reintroduces the fixes from USN-4653-1. We apologize for the inconvenience.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10

• containerd - 1.3.7-0ubuntu3.2
• golang-github-containerd-containerd-dev - 1.3.7-0ubuntu3.2

Ubuntu 20.04

• containerd - 1.3.3-0ubuntu2.2
• golang-github-docker-containerd-dev - 1.3.3-0ubuntu2.2

Ubuntu 18.04

• containerd - 1.3.3-0ubuntu1~18.04.4
• golang-github-docker-containerd-dev - 1.3.3-0ubuntu1~18.04.4

Ubuntu 16.04

• containerd - 1.2.6-0ubuntu1~16.04.6
• golang-github-docker-containerd-dev - 1.2.6-0ubuntu1~16.04.6

After a standard system update you need to restart containerd to make
all the necessary changes.

References

• CVE-2020-15257
• https://launchpad.net/bugs/1870514

Related notices

• USN-4653-1: containerd, golang-github-containerd-containerd-dev, golang-github-docker-containerd-dev