From 180f3b9cc79fef473b9d3f54285a4d77222235e7 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Fri, 4 Mar 2022 18:02:06 +0100
Subject: [PATCH] update containerd binary to v1.5.10

Welcome to the v1.5.10 release of containerd!

The tenth patch release for containerd 1.5 includes a fix for [CVE-2022-23648][1]
and other issues.

Notable Updates

- Use fs.RootPath when mounting volumes (GHSA-crp2-qrr5-8pq7)
- Return init pid when clean dead shim in runc.v1/v2 shims
- Handle sigint/sigterm in shimv2
- Use readonly mount to read user/group info

[1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648
[2]: https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2c8f0a0c9993187f861c2b23faedf951b7b54e6e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 hack/dockerfile/install/containerd.installer | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer
index 59247fbf8c7f6..cc0a51115a592 100755
--- a/hack/dockerfile/install/containerd.installer
+++ b/hack/dockerfile/install/containerd.installer
@@ -15,7 +15,7 @@ set -e
 # the binary version you may also need to update the vendor version to pick up
 # bug fixes or new APIs, however, usually the Go packages are built from a
 # commit from the master branch.
-: "${CONTAINERD_VERSION:=v1.5.9}"
+: "${CONTAINERD_VERSION:=v1.5.10}"
 
 install_containerd() (
 	echo "Install containerd version $CONTAINERD_VERSION"