Closed siprbaum closed 4 months ago
This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days.
This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days.
This issue was closed because it has been stalled for 21 days with no activity. Feel free to re-open if you are experiencing the issue again.
You are using quite an old version of telegraf (version 1.21), see https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/6dce6a9d51401ab8f11cf10f8b64d06c700eb481/charts/csi-secrets-store-provider-azure/templates/arc-monitoring.yaml#L86C19-L86C79
This shows up for us in a security monitoring with CVE-2021-3999 for glibc.
Nevertheless, it seems that upstream is not even maintaining the docker container for 1.21 anymore, as even the dockerfile was removed in https://github.com/influxdata/influxdata-docker/commit/4ad7a32b90eae8c71a5d685050837c850cf4f365 at 2022-09-12.
Please be so kind and provide an updated version which uses maintained software, staying up-to-date on security issues.
docker scout output:
So even a simple update of the base image would reduce the critical findings.