chore(deps): bump github.com/containerd/containerd/v2 from 2.2.4 to 2.2.5 in the containerd group

[dependabot]

Bumps the containerd group with 1 update: github.com/containerd/containerd/v2.

Updates github.com/containerd/containerd/v2 from 2.2.4 to 2.2.5

Release notes

Sourced from github.com/containerd/containerd/v2's releases.

containerd 2.2.5

Welcome to the v2.2.5 release of containerd!

The fifth patch release for containerd 2.2 contains various fixes and updates including security patches.

Security Updates

• containerd
  • CVE-2026-50195
  • CVE-2026-53488
  • CVE-2026-53492
  • CVE-2026-53489
  • CVE-2026-47262

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Samuel Karp
• Chris Henzie
• Akihiro Suda
• Derek McGowan
• Maksym Pavlenko
• Akhil Mohan
• Ben Cressey
• Brian Goff
• Davanum Srinivas
• Sebastiaan van Stijn

Changes

• Prepare release notes for v2.2.5 (#13628)
  • 269031099 Prepare release notes for v2.2.5
  • ad59aa564 Merge commit from fork
  • 0b4d23690 Merge commit from fork
  • be8460656 cri: filter CDI annotations on checkpoint restore
  • 347240f72 Merge commit from fork
  • cff578841 cri: do not re-tag restored checkpoints
  • 668cf2c2f Merge commit from fork
  • 357652293 cri: make checkpoint restore robust to unexpected archive content
  • d43da05af Merge commit from fork
  • 30708e8d1 Bound user-database file reads in openUserFile
  • 028647ea2 Merge commit from fork
  • b6072a49f Do not propagate reserved labels from image configs
• vendor: golang.org/x/crypto v0.53.0 (#13607)
  • cfea2c141 [release/2.2] vendor: golang.org/x/crypto v0.53.0

... (truncated)

Commits

• e53c7c1 Merge pull request #13628 from samuelkarp/prepare-2.2.5
• 2690310 Prepare release notes for v2.2.5
• ad59aa5 Merge commit from fork
• 8bea48a Merge pull request #13607 from thaJeztah/2.2_bump_crypto
• 699c4fb Merge pull request #13606 from AkihiroSuda/runc-1.3.6-containerd-2.2
• cfea2c1 [release/2.2] vendor: golang.org/x/crypto v0.53.0
• fc96ea6 update runc binary to v1.3.6
• 0b4d236 Merge commit from fork
• 347240f Merge commit from fork
• 668cf2c Merge commit from fork
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/containerd/containerd/v2	[>= 2.3.a, < 2.4]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions