diff --git a/_service b/_service
index e294f97..9ecc82c 100644
--- a/_service
+++ b/_service
@@ -3,8 +3,8 @@
     <param name="url">https://github.com/containerd/containerd.git</param>
     <param name="scm">git</param>
     <param name="filename">containerd</param>
-    <param name="versionformat">1.5.12_%h</param>
-    <param name="revision">v1.5.12</param>
+    <param name="versionformat">1.6.6_%h</param>
+    <param name="revision">v1.6.6</param>
     <param name="exclude">.git</param>
   </service>
   <service name="recompress" mode="disabled">
diff --git a/containerd-1.5.12_a4014bc909aa.tar.xz b/containerd-1.5.12_a4014bc909aa.tar.xz
deleted file mode 100644
index 98637ed..0000000
--- a/containerd-1.5.12_a4014bc909aa.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:18d7f7583a7cf94329827ca8b6bbc5c65db566917433c07d86a9702e013f39d3
-size 4482804
diff --git a/containerd-1.6.6_10c12954828e.tar.xz b/containerd-1.6.6_10c12954828e.tar.xz
new file mode 100644
index 0000000..c91e58c
--- /dev/null
+++ b/containerd-1.6.6_10c12954828e.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:91a3145a069c223e7db9694c1c08f44457f15f9b6fc77a156d558587e01bcb0d
+size 5209856
diff --git a/containerd.changes b/containerd.changes
index e78e292..00aca35 100644
--- a/containerd.changes
+++ b/containerd.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Tue Jun  7 07:22:02 UTC 2022 - Aleksa Sarai <asarai@suse.com>
+
+- Update to containerd v1.6.6 to fix CVE-2022-31030 and meet the requirements
+  of Docker v20.10.17-ce. bsc#1200145
+- Remove upstreamed patches:
+  - bsc1200145-Limit-the-response-size-of-ExecSync.patch
+
+-------------------------------------------------------------------
+Mon Jun  6 05:49:56 UTC 2022 - Aleksa Sarai <asarai@suse.com>
+
+[ This patch was only released in SLES and Leap. ]
+
+- Backport patch to fix GHSA-5ffw-gxpp-mxpf CVE-2022-31030. bsc#1200145
+  + bsc1200145-Limit-the-response-size-of-ExecSync.patch
+
 -------------------------------------------------------------------
 Mon Jun  6 05:41:10 UTC 2022 - Aleksa Sarai <asarai@suse.com>
 
diff --git a/containerd.spec b/containerd.spec
index 1807a39..31b8bad 100644
--- a/containerd.spec
+++ b/containerd.spec
@@ -23,11 +23,11 @@
 %endif
 
 # MANUAL: Update the git_version.
-%define git_version a4014bc909aa533eb3c22f83f2a258bb0822e1b0
-%define git_short   a4014bc909aa
+%define git_version 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
+%define git_short   10c12954828e
 
 Name:           containerd
-Version:        1.5.12
+Version:        1.6.6
 Release:        0
 Summary:        Standalone OCI Container Daemon
 License:        Apache-2.0
@@ -84,21 +84,8 @@ separately from Docker.
 %setup -q -n %{name}-%{version}_%{git_short}
 
 %build
-# NOTE: containerd will switch to go.mod in 1.5.x so this can be removed after
-#       we update to that version.
-
-# Do not use symlinks. If you want to run the unit tests for this package at
-# some point during the build and you need to directly use go list directly it
-# will get confused by symlinks.
-export GOPATH=$HOME/go
-export PROJECT=$HOME/go/src/github.com/containerd/containerd
-export GO111MODULE=off
-mkdir -p $PROJECT
-rm -rf $PROJECT/*
-cp -ar * $PROJECT
-
 BUILDTAGS="apparmor selinux seccomp"
-make -C "$PROJECT"\
+%make_build \
 	BUILDTAGS="$BUILDTAGS" \
 	VERSION="v%{version}" \
 	REVISION="%{git_version}"