[20.10] update containerd binary to v1.6.18

update containerd binary to v1.6.18, which includes fixes for CVE-2023-25153 and CVE-2023-25173. 1.6.18 release notes: https://github.com/containerd/containerd/releases/tag/v1.6.18 > - Fix OCI image importer memory exhaustion (GHSA-259w-8hf6-59c2) > - Fix supplementary groups not being set up properly (GHSA-hmfx-3pcx-653p) > - Revert removal of /sbin/apparmor_parser check > - Update Go to 1.19.6 full diff: https://github.com/containerd/containerd/compare/v1.6.17...v1.6.18 1.6.17 release notes: https://github.com/containerd/containerd/releases/tag/v1.6.17 > - Add network plugin metrics > - Update mkdir permission on /etc/cni to 0755 instead of 0700 > - Export remote snapshotter label handler > - Add support for default hosts.toml configuration full diff: https://github.com/containerd/containerd/compare/v1.6.16...v1.6.17 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 52d667794f) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-17 01:22:44 +01:00 · 2023-02-17 01:22:44 +01:00 · 1176e7f90d
commit 1176e7f90d
parent 206d38a9c1
1 changed files with 1 additions and 1 deletions
--- a/hack/dockerfile/install/containerd.installer
+++ b/hack/dockerfile/install/containerd.installer
@ -15,7 +15,7 @@ set -e
 # the binary version you may also need to update the vendor version to pick up
 # bug fixes or new APIs, however, usually the Go packages are built from a
 # commit from the master branch.
-: "${CONTAINERD_VERSION:=v1.6.16}"
+: "${CONTAINERD_VERSION:=v1.6.18}"

 install_containerd() (
 	echo "Install containerd version $CONTAINERD_VERSION"