k/k doesn't use much code from docker/distribution so this doesn't
change anything that's actually relevant, but 2.8.1 is identified as
affected by CVE-2022-28391 and CVE-2023-2253; bumping to 2.8.2 avoids
k/k triggering scanners on those CVEs.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
This updates vendored runc/libcontainer to 1.1.0,
and google/cadvisor to a version updated to runc 1.1.0
(google/cadvisor#3048).
Changes in vendor are generated by (roughly):
./hack/pin-dependency.sh github.com/google/cadvisor v0.44.0
./hack/pin-dependency.sh github.com/opencontainers/runc v1.1.0
./hack/update-vendor.sh
./hack/lint-dependencies.sh # And follow all its recommendations.
./hack/update-vendor.sh
./hack/update-internal-modules.sh
./hack/lint-dependencies.sh # Re-check everything again.
Co-Authored-By: Kir Kolyshkin <kolyshkin@gmail.com>
