Update containerd and docker packages

[szh]

Desired Outcome

Dependabot has flagged 3 issues in Secretless modules:

CVE-2022-23648: Insecure handling of image volumes in containerd CRI plugin (High severity) CVE-2015-3627: Symlink attack in libcontainer and docker engine (Medium severity) GHSA-qq97-vm5h-rrhg: OCI Manifest Type Confusion It looks like the affected modules are only indirect dependencies or used in test code, but we should upgrade them. Some of the updates seem to cross major version boundaries, so this is likely more than just version bumps.

To fix these, we need to get:

github.com/containerd/containerd to 1.6.1, 1.5.10, or 1.4.13 or later github.com/docker/docker to 1.6.1 or later github.com/docker/distribution to 2.8.0 or later (or if we're using the main branch, to the commit after https://github.com/distribution/distribution/commit/b59a6f827947f9e0e67df0cfb571046de4733586) This includes any indirect references back to these libraries if possible. (Go.sum should contain no references to vulnerable versions. If that's not possible, we need to document which modules are pulling in old versions so we can watch for updates to them or replace those modules with more up-to-date alternatives.)

Implemented Changes

• Updated github.com/containerd/containerd from v1.5.9 to v1.6.2
• Updated github.com/docker/docker from v1.4.2-0.20191231165639-e6f6c35b7902 to v20.10.14+incompatible
• Updated docker/distribution from v2.7.1+incompatible to v2.8.1+incompatible

Connected Issue/Story

Resolves #1420

CyberArk internal issue link: CONJSE-1284

Definition of Done

• [x] Secretless no longer contains vulnerability in github.com/containerd/containerd as indicated by absence of Dependabot alert
• [x] Secretless no longer contains vulnerability in github.com/docker/docker as evidenced by absence of Dependabot alert
• [x] Secretless no longer contains vulnerability in github.com/docker/distribution as evidenced by absence of Dependabot alert

Changelog

• [x] The CHANGELOG has been updated, or
• [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

• [ ] This PR includes new unit and integration tests to go with the code changes, or
• [x] The changes in this PR do not require tests

Documentation

• [ ] Docs (e.g. READMEs) were updated in this PR
• [ ] A follow-up issue to update official docs has been filed here: [insert issue ID]()
• [x] This PR does not require updating any documentation

Behavior

• [ ] This PR changes product behavior and has been reviewed by a PO, or
• [ ] These changes are part of a larger initiative that will be reviewed later, or
• [x] No behavior was changed with this PR

Security

• [x] Security architect has reviewed the changes in this PR,
• [ ] These changes are part of a larger initiative with a separate security review, or
• [ ] There are no security aspects to these changes

[codeclimate[bot]]

Code Climate has analyzed commit c2a0f7ed and detected 1 issue on this pull request.

Here's the issue category breakdown:

Category	Count
Style	1

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 34.3% (0.0% change).

View more on Code Climate.