From de26988e0508b2015d289c0cf4a7f59f8978f5c0 Mon Sep 17 00:00:00 2001
From: Etienne Champetier <champetier.etienne@gmail.com>
Date: Thu, 26 Mar 2020 11:48:26 -0400
Subject: [PATCH] containerd: bump to 1.2.13 (#5727) (#5832)

https://github.com/containerd/containerd/releases/tag/v1.2.11
CVE-2019-16884 / CVE-2019-17596

https://github.com/containerd/containerd/releases/tag/v1.2.12
CVE-2019-19921 / CVE-2019-16884 / CVE-2019-11253

https://github.com/containerd/containerd/releases/tag/v1.2.13

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit e2ec7c76a4ed4a23a5b3276e0cb48511b6ccd2a4)
---
 README.md                                               | 1 +
 roles/container-engine/containerd/defaults/main.yml     | 2 +-
 roles/container-engine/containerd/vars/debian.yml       | 6 ++++--
 roles/container-engine/containerd/vars/redhat.yml       | 6 ++++--
 roles/container-engine/containerd/vars/ubuntu-amd64.yml | 6 ++++--
 5 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index c5a6ccd37..dbea3c509 100644
--- a/README.md
+++ b/README.md
@@ -115,6 +115,7 @@ Note: Upstart/SysV init based OS types are not supported.
   - [kubernetes](https://github.com/kubernetes/kubernetes) v1.16.8
   - [etcd](https://github.com/coreos/etcd) v3.3.12
   - [docker](https://www.docker.com/) v18.06 (see note)
+  - [containerd](https://containerd.io/) v1.2.13
   - [cri-o](http://cri-o.io/) v1.14.0 (experimental: see [CRI-O Note](docs/cri-o.md). Only on centos based OS)
 - Network Plugin
   - [cni-plugins](https://github.com/containernetworking/plugins) v0.8.1
diff --git a/roles/container-engine/containerd/defaults/main.yml b/roles/container-engine/containerd/defaults/main.yml
index 949652515..16530b1d3 100644
--- a/roles/container-engine/containerd/defaults/main.yml
+++ b/roles/container-engine/containerd/defaults/main.yml
@@ -9,7 +9,7 @@ containerd_config:
     "docker.io": "https://registry-1.docker.io"
   max_container_log_line_size: -1
 
-containerd_version: '1.2.10'
+containerd_version: '1.2.13'
 containerd_package: 'containerd.io'
 
 containerd_cfg_dir: /etc/containerd
diff --git a/roles/container-engine/containerd/vars/debian.yml b/roles/container-engine/containerd/vars/debian.yml
index 6ad455c57..11faad631 100644
--- a/roles/container-engine/containerd/vars/debian.yml
+++ b/roles/container-engine/containerd/vars/debian.yml
@@ -6,8 +6,10 @@ containerd_versioned_pkg:
   '1.2.5': "{{ containerd_package }}=1.2.5-1"
   '1.2.6': "{{ containerd_package }}=1.2.6-3"
   '1.2.10': "{{ containerd_package }}=1.2.10-3"
-  'stable': "{{ containerd_package }}=1.2.10-3"
-  'edge': "{{ containerd_package }}=1.2.10-3"
+  '1.2.12': "{{ containerd_package }}=1.2.12-1"
+  '1.2.13': "{{ containerd_package }}=1.2.13-1"
+  'stable': "{{ containerd_package }}=1.2.13-1"
+  'edge': "{{ containerd_package }}=1.2.13-1"
 
 containerd_package_info:
   pkg_mgr: apt
diff --git a/roles/container-engine/containerd/vars/redhat.yml b/roles/container-engine/containerd/vars/redhat.yml
index ae6ab87d9..e95a48376 100644
--- a/roles/container-engine/containerd/vars/redhat.yml
+++ b/roles/container-engine/containerd/vars/redhat.yml
@@ -6,8 +6,10 @@ containerd_versioned_pkg:
   '1.2.5': "{{ containerd_package }}-1.2.5-3.1.el7"
   '1.2.6': "{{ containerd_package }}-1.2.6-3.3.el7"
   '1.2.10': "{{ containerd_package }}-1.2.10-3.2.el7"
-  'stable': "{{ containerd_package }}-1.2.10-3.2.el7"
-  'edge': "{{ containerd_package }}-1.2.10-3.2.el7"
+  '1.2.12': "{{ containerd_package }}-1.2.12-3.1.el7"
+  '1.2.13': "{{ containerd_package }}-1.2.13-3.1.el7"
+  'stable': "{{ containerd_package }}-1.2.13-3.1.el7"
+  'edge': "{{ containerd_package }}-1.2.13-3.1.el7"
 
 containerd_package_info:
   pkg_mgr: yum
diff --git a/roles/container-engine/containerd/vars/ubuntu-amd64.yml b/roles/container-engine/containerd/vars/ubuntu-amd64.yml
index 6dce99cd9..a80bcd4df 100644
--- a/roles/container-engine/containerd/vars/ubuntu-amd64.yml
+++ b/roles/container-engine/containerd/vars/ubuntu-amd64.yml
@@ -6,8 +6,10 @@ containerd_versioned_pkg:
   '1.2.5': "{{ containerd_package }}=1.2.5-1"
   '1.2.6': "{{ containerd_package }}=1.2.6-3"
   '1.2.10': "{{ containerd_package }}=1.2.10-3"
-  'stable': "{{ containerd_package }}=1.2.10-3"
-  'edge': "{{ containerd_package }}=1.2.10-3"
+  '1.2.12': "{{ containerd_package }}=1.2.12-1"
+  '1.2.13': "{{ containerd_package }}=1.2.13-1"
+  'stable': "{{ containerd_package }}=1.2.13-1"
+  'edge': "{{ containerd_package }}=1.2.13-1"
 
 containerd_package_info:
   pkg_mgr: apt