Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result in containers possibly being run as root, contrary to expectations.
{ "binaries": [ { "binary_name": "containerd", "binary_version": "1.6.12-0ubuntu1~18.04.1+esm2" }, { "binary_name": "containerd-dbgsym", "binary_version": "1.6.12-0ubuntu1~18.04.1+esm2" }, { "binary_name": "golang-github-containerd-containerd-dev", "binary_version": "1.6.12-0ubuntu1~18.04.1+esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }