[release/1.5] Prepare release notes for v1.5.18

[dmcgowan]

Generated notes

---

containerd 1.5.18

Welcome to the v1.5.18 release of containerd!

The eighteenth patch release for containerd 1.5 includes fixes for CVE-2023-25153 and CVE-2023-25173
along with a security update for Go.

Notable Updates

• Fix supplementary groups not being set up properly (GHSA-hmfx-3pcx-653p)
• Fix OCI image importer memory exhaustion (GHSA-259w-8hf6-59c2)
• Update Go to 1.19.6 (#8112)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Akihiro Suda
• Ye Sijun
• Derek McGowan
• Samuel Karp
• Phil Estes
• Swagat Bora
• Wei Fu

Changes

16 commits

• ddf9de6cb Prepare release notes for v1.5.18
• Github Security Advisory GHSA-hmfx-3pcx-653p
  • a62c38bf2 oci: fix additional GIDs
  • 3b89da580 oci: fix loop iterator aliasing
  • b07ec6b25 oci: skip checking gid for WithAppendAdditionalGroups
  • 356672cb5 refactor: reduce duplicate code
  • 6a7b7617c add WithAdditionalGIDs test
  • 832bcf300 add WithAppendAdditionalGroups helper
• Github Security Advisory GHSA-259w-8hf6-59c2
  • 19a347e45 importer: stream oci-layout and manifest.json
• [release/1.5] Go 1.19.6 (#8112)
  • 4209dc243 Go 1.19.6
• [release/1.5] Fix retry logic within devmapper device deactivation (#8089)
  • 0d16d045d Fix retry logic within devmapper device deactivation
• [release/1.5] CI: skip some jobs when repo != containerd/containerd (#8084)
  • 34451bc66 CI: skip some jobs when repo != containerd/containerd

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.5.17

[thaJeztah]

LGTM