Hi all,
containerd issued a fix for
CVE-2020-15257 in containerd 1.3.9 and 1.4.3. This CVE affects the communication between containerd and shims. Starting at
b2a6973,
gvisor-containerd-shim was updated to build against
containerd 1.3.9.
This version is not compatible with containerd releases that do not contain the fix. When used with containerd versions that do not have the fix, the shim will fail to start with the following error:
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: dial unix /run/containerd/s/09e4a212c74968bf1dfd3d75ddc47bfd8bbab446e0f3ae5347da51008e378cff: connect: connection refused: unknown
Minimum containerd versions required are 1.3.9 and 1.4.3.