diff --git a/_service b/_service
index f774943..9ecc82c 100644
--- a/_service
+++ b/_service
@@ -3,8 +3,8 @@
https://github.com/containerd/containerd.git
git
containerd
- 1.5.11_%h
- v1.5.11
+ 1.6.6_%h
+ v1.6.6
.git
diff --git a/containerd-1.5.11_3df54a852345.tar.xz b/containerd-1.5.11_3df54a852345.tar.xz
deleted file mode 100644
index f00ddd1..0000000
--- a/containerd-1.5.11_3df54a852345.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9c336dd3501a9a81e24d3385b84a946bc252e6379929e372bac58c31d757d688
-size 4439804
diff --git a/containerd-1.6.6_10c12954828e.tar.xz b/containerd-1.6.6_10c12954828e.tar.xz
new file mode 100644
index 0000000..c91e58c
--- /dev/null
+++ b/containerd-1.6.6_10c12954828e.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:91a3145a069c223e7db9694c1c08f44457f15f9b6fc77a156d558587e01bcb0d
+size 5209856
diff --git a/containerd.changes b/containerd.changes
index 4b27a73..00aca35 100644
--- a/containerd.changes
+++ b/containerd.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Tue Jun 7 07:22:02 UTC 2022 - Aleksa Sarai
+
+- Update to containerd v1.6.6 to fix CVE-2022-31030 and meet the requirements
+ of Docker v20.10.17-ce. bsc#1200145
+- Remove upstreamed patches:
+ - bsc1200145-Limit-the-response-size-of-ExecSync.patch
+
+-------------------------------------------------------------------
+Mon Jun 6 05:49:56 UTC 2022 - Aleksa Sarai
+
+[ This patch was only released in SLES and Leap. ]
+
+- Backport patch to fix GHSA-5ffw-gxpp-mxpf CVE-2022-31030. bsc#1200145
+ + bsc1200145-Limit-the-response-size-of-ExecSync.patch
+
+-------------------------------------------------------------------
+Mon Jun 6 05:41:10 UTC 2022 - Aleksa Sarai
+
+- Update to containerd v1.5.12. Upstream release notes:
+
+
-------------------------------------------------------------------
Thu Apr 14 04:15:16 UTC 2022 - Aleksa Sarai
diff --git a/containerd.spec b/containerd.spec
index a468291..31b8bad 100644
--- a/containerd.spec
+++ b/containerd.spec
@@ -23,11 +23,11 @@
%endif
# MANUAL: Update the git_version.
-%define git_version 3df54a852345ae127d1fa3092b95168e4a88e2f8
-%define git_short 3df54a852345
+%define git_version 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
+%define git_short 10c12954828e
Name: containerd
-Version: 1.5.11
+Version: 1.6.6
Release: 0
Summary: Standalone OCI Container Daemon
License: Apache-2.0
@@ -43,8 +43,8 @@ BuildRequires: libbtrfs-devel >= 3.8
BuildRequires: libseccomp-devel >= 2.2
BuildRequires: pkg-config
# Due to a limitation in openSUSE's Go packaging we cannot have a BuildRequires
-# for 'golang(API) >= 1.16' here, so just require 1.16 exactly. bsc#1172608
-BuildRequires: go1.16
+# for 'golang(API) >= 1.18' here, so just require 1.18 exactly. bsc#1172608
+BuildRequires: go1.18
# We provide a git revision so that Docker can require it properly.
Provides: %{name}-git = %{git_version}
# Currently runc is the only supported runtime for containerd. We pin the same
@@ -84,21 +84,8 @@ separately from Docker.
%setup -q -n %{name}-%{version}_%{git_short}
%build
-# NOTE: containerd will switch to go.mod in 1.5.x so this can be removed after
-# we update to that version.
-
-# Do not use symlinks. If you want to run the unit tests for this package at
-# some point during the build and you need to directly use go list directly it
-# will get confused by symlinks.
-export GOPATH=$HOME/go
-export PROJECT=$HOME/go/src/github.com/containerd/containerd
-export GO111MODULE=off
-mkdir -p $PROJECT
-rm -rf $PROJECT/*
-cp -ar * $PROJECT
-
BUILDTAGS="apparmor selinux seccomp"
-make -C "$PROJECT"\
+%make_build \
BUILDTAGS="$BUILDTAGS" \
VERSION="v%{version}" \
REVISION="%{git_version}"