e1c5d71c0c
Update Go runtime to 1.18.5 to address CVE-2022-32189. Full diff: https://github.com/golang/go/compare/go1.18.4...go1.18.5 -------------------------------------------------------- From the security announcement: https://groups.google.com/g/golang-announce/c/YqYYG87xB10 We have just released Go versions 1.18.5 and 1.17.13, minor point releases. These minor releases include 1 security fixes following the security policy: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short. This is CVE-2022-32189 and Go issue https://go.dev/issue/53871. View the release notes for more information: https://go.dev/doc/devel/release#go1.18.5 Signed-off-by: Daniel Canter <dcanter@microsoft.com>
contrib
The contrib directory contains packages that do not belong in the core containerd packages but still contribute to overall containerd usability.
Package such as Apparmor or Selinux are placed in contrib because they are platform dependent and often require higher level tools and profiles to work.
Packaging and other built tools can be added to contrib to aid in packaging containerd for various distributions.
Testing
Code in the contrib directory may or may not have been tested in the normal test pipeline for core components.