diff --git a/utils/containerd/Makefile b/utils/containerd/Makefile
index 3ab64999..0be5b3ba 100644
--- a/utils/containerd/Makefile
+++ b/utils/containerd/Makefile
@@ -1,34 +1,45 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=containerd
-PKG_VERSION:=1.4.3
-PKG_RELEASE:=4
+PKG_VERSION:=1.2.13
+PKG_RELEASE:=2
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/containerd/containerd/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=bc6d9452c700af0ebc09c0da8ddba55be4c03ac8928e72ca92d98905800c8018
-PKG_SOURCE_VERSION:=269548fa27e0089a8b8278fc4fc781d7f65a939b
+PKG_HASH:=0811057ab67b78ce911416e793edaeb14b3f1e105d67b8e67b6302e0eab572e4
+PKG_SOURCE_VERSION:=7ad184331fa3e55e52b890ea95e65ba581ae3429
 
 PKG_MAINTAINER:=Gerard Ryan <G.M0N3Y.2503@gmail.com>
 
 PKG_BUILD_DEPENDS:=golang/host
 PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
-PKG_USE_MIPS16:=0
 
 GO_PKG:=github.com/containerd/containerd
 
 include $(INCLUDE_DIR)/package.mk
 include ../../lang/golang/golang-package.mk
 
+define Package/containerd/config
+config CONTAINERD_SECCOMP
+	depends on PACKAGE_containerd
+	bool "Enable support for seccomp in containerd"
+	default DOCKER_SECCOMP
+	select KERNEL_SECCOMP
+	select PACKAGE_libseccomp
+	help
+	  Build containerd with support for seccomp filters.
+	  Select libseccomp which also pulls-in the needed kernel features.
+endef
+
 define Package/containerd
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=containerd container runtime
   URL:=https://containerd.io/
-  DEPENDS:=$(GO_ARCH_DEPENDS) +btrfs-progs +runc
+  DEPENDS:=$(GO_ARCH_DEPENDS) @(aarch64||arm||x86_64) +btrfs-progs +runc +CONTAINERD_SECCOMP:libseccomp
   MENU:=1
 endef
 
@@ -41,21 +52,30 @@ GO_PKG_INSTALL_ALL:=1
 MAKE_PATH:=$(GO_PKG_WORK_DIR_NAME)/build/src/$(GO_PKG)
 MAKE_VARS += $(GO_PKG_VARS)
 MAKE_FLAGS += \
+	DESTDIR="$(PKG_INSTALL_DIR)" \
 	VERSION=$(PKG_VERSION) \
 	REVISION=$(PKG_SOURCE_VERSION)
 
-ifeq ($(CONFIG_SELINUX),y)
-MAKE_FLAGS += BUILDTAGS='selinux'
+ifeq ($(CONFIG_CONTAINERD_SECCOMP),y)
+MAKE_FLAGS += BUILDTAGS='seccomp'
 else
 MAKE_FLAGS += BUILDTAGS=''
 endif
 
-# Reset golang-package.mk overrides so we can use the Makefile
-Build/Compile=$(call Build/Compile/Default)
+define Build/Compile
+	$(call Build/Compile/Default)
+endef
+
+# Avoid installing binaries
+define Build/InstallDev
+	$(call Build/Compile/Default,clean)
+	rm -f $(STAMP_BUILT)
+	$(call GoPackage/Build/InstallDev,$(1))
+endef
 
 define Package/containerd/install
 	$(INSTALL_DIR) $(1)/usr/bin/
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/bin/{ctr,containerd,containerd-stress,containerd-shim,containerd-shim-runc-v1,containerd-shim-runc-v2} $(1)/usr/bin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/bin/{ctr,containerd,containerd-stress,containerd-shim} $(1)/usr/bin/
 endef
 
 $(eval $(call BuildPackage,containerd))
diff --git a/utils/docker-ce/Makefile b/utils/docker-ce/Makefile
index 49563912..a1c1588a 100644
--- a/utils/docker-ce/Makefile
+++ b/utils/docker-ce/Makefile
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=docker-ce
 PKG_VERSION:=19.03.12
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=components/cli/LICENSE components/engine/LICENSE
 
@@ -30,6 +30,7 @@ PKG_BUILD_DEPENDS:=golang/host
 PKG_BUILD_PARALLEL:=1
 
 GO_PKG:=github.com/docker
+GO_PKG_BUILD_VARS += GO111MODULE=auto
 
 include $(INCLUDE_DIR)/package.mk
 include ../../lang/golang/golang-package.mk
diff --git a/utils/libnetwork/Makefile b/utils/libnetwork/Makefile
index 92d7c3ec..ac44ea17 100644
--- a/utils/libnetwork/Makefile
+++ b/utils/libnetwork/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libnetwork
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
 
@@ -37,6 +37,8 @@ Libnetwork provides a native Go implementation for connecting containers.
 The goal of libnetwork is to deliver a robust Container Network Model that provides a consistent programming interface and the required network abstractions for applications.
 endef
 
+GO_PKG_BUILD_VARS += GO111MODULE=auto
+
 define Package/libnetwork/install
 	$(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR))
 
diff --git a/utils/runc/Makefile b/utils/runc/Makefile
index c4de6fb4..d823cbbc 100644
--- a/utils/runc/Makefile
+++ b/utils/runc/Makefile
@@ -1,21 +1,20 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=runc
-PKG_VERSION:=1.0.0-rc93
-PKG_RELEASE:=1
+PKG_VERSION:=1.0.0-rc10
+PKG_RELEASE:=2
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/opencontainers/runc/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=e42456078d2f76c925cdd656e4f423b918525d8188521de05e893b6bb473a6f8
-PKG_SOURCE_VERSION:=12644e614e25b05da6fd08a38ffa0cfe1903fdec
+PKG_HASH:=6b44985023347fb9c5a2cc6f761df8c41cc2c84a7a68a6e6acf834dff6653a9a
+PKG_SOURCE_VERSION:=dc9208a3303feef5b3839f4323d9beb36df0a9dd
 
 PKG_MAINTAINER:=Gerard Ryan <G.M0N3Y.2503@gmail.com>
 
 PKG_BUILD_DEPENDS:=golang/host
 PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
 PKG_USE_MIPS16:=0
 
 GO_PKG:=github.com/opencontainers/runc
@@ -23,38 +22,58 @@ GO_PKG:=github.com/opencontainers/runc
 include $(INCLUDE_DIR)/package.mk
 include ../../lang/golang/golang-package.mk
 
+define Package/runc/config
+config RUNC_SECCOMP
+	depends on PACKAGE_runc
+	bool "Enable support for seccomp in runc"
+	default DOCKER_SECCOMP
+	select KERNEL_SECCOMP
+	select PACKAGE_libseccomp
+	help
+	  Build runc with support for seccomp filters.
+	  Select libseccomp which also pulls-in the needed kernel features.
+endef
+
 define Package/runc
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=runc container runtime
   URL:=https://www.opencontainers.org/
-  DEPENDS:=$(GO_ARCH_DEPENDS) +KERNEL_SECCOMP_FILTER:libseccomp
+  DEPENDS:=$(GO_ARCH_DEPENDS) @(aarch64||arm||x86_64) +RUNC_SECCOMP:libseccomp
+  MENU:=1
 endef
 
 define Package/runc/description
 runc is a CLI tool for spawning and running containers according to the OCI specification.
 endef
 
+GO_PKG_BUILD_VARS += GO111MODULE=auto
 GO_PKG_INSTALL_ALL:=1
 MAKE_PATH:=$(GO_PKG_WORK_DIR_NAME)/build/src/$(GO_PKG)
 MAKE_VARS += $(GO_PKG_VARS)
-MAKE_FLAGS += COMMIT=$(PKG_SOURCE_VERSION)
+MAKE_FLAGS += \
+	COMMIT=$(PKG_SOURCE_VERSION)
 
 ifeq ($(ARCH),mips)
 MAKE_FLAGS += EXTRA_FLAGS='-buildmode=default'
 endif
 
-BUILDTAGS:=
-ifeq ($(CONFIG_KERNEL_SECCOMP_FILTER),y)
-BUILDTAGS += seccomp
+ifeq ($(CONFIG_RUNC_SECCOMP),y)
+MAKE_FLAGS += BUILDTAGS='seccomp'
+else
+MAKE_FLAGS += BUILDTAGS=''
 endif
-ifeq ($(CONFIG_SELINUX),y)
-BUILDTAGS += selinux
-endif
-MAKE_FLAGS += BUILDTAGS='$(BUILDTAGS)'
 
-# Reset golang-package.mk overrides so we can use the Makefile
-Build/Compile=$(call Build/Compile/Default)
+define Build/Compile
+	$(call Build/Compile/Default)
+endef
+
+# Avoid installing binaries
+define Build/InstallDev
+	$(call Build/Compile/Default,clean)
+	rm -f $(STAMP_BUILT)
+	$(call GoPackage/Build/InstallDev,$(1))
+endef
 
 define Package/runc/install
 	$(INSTALL_DIR) $(1)/usr/sbin/