From 95248ccbef906852b3323175bc3814ead1ffa90b Mon Sep 17 00:00:00 2001
From: Amol Agrawal <amagraw@microsoft.com>
Date: Thu, 28 Apr 2022 17:01:10 +0000
Subject: [PATCH 1/3] update telegraf to 1.22.2 to fix vulns

---
 .trivyignore                 | 18 +++++++-----------
 kubernetes/linux/setup.sh    |  6 +++---
 kubernetes/windows/setup.ps1 |  2 +-
 3 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 1b6a7090b..079683ab1 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,17 +1,13 @@
 # related to telegraf
 #[vishwa] - Fix telegraf & test all for next release - see work item #https://msazure.visualstudio.com/InfrastructureInsights/_workitems/edit/13322134
-CVE-2021-43816
-CVE-2022-23648
-CVE-2022-24450
-CVE-2022-26652
+# Unfixed as of 4/28/2022
 CVE-2019-3826
 CVE-2022-27191
-CVE-2021-42836
 
 # ruby in /usr/lib
-CVE-2020-36327
-CVE-2021-43809
-CVE-2021-41816
-CVE-2021-41819
-CVE-2021-31799
-CVE-2021-28965
\ No newline at end of file
+# CVE-2020-36327
+# CVE-2021-43809
+# CVE-2021-41816
+# CVE-2021-41819
+# CVE-2021-31799
+# CVE-2021-28965
\ No newline at end of file
diff --git a/kubernetes/linux/setup.sh b/kubernetes/linux/setup.sh
index 709c8f1c4..c478af0e5 100644
--- a/kubernetes/linux/setup.sh
+++ b/kubernetes/linux/setup.sh
@@ -40,10 +40,10 @@ sudo apt-get install jq=1.5+dfsg-2 -y
 #used to setcaps for ruby process to read /proc/env
 sudo apt-get install libcap2-bin -y
 
-wget https://dl.influxdata.com/telegraf/releases/telegraf-1.20.3_linux_$ARCH.tar.gz
-tar -zxvf telegraf-1.20.3_linux_$ARCH.tar.gz
+wget https://dl.influxdata.com/telegraf/releases/telegraf-1.22.2_linux_$ARCH.tar.gz
+tar -zxvf telegraf-1.22.2_linux_$ARCH.tar.gz
 
-mv /opt/telegraf-1.20.3/usr/bin/telegraf /opt/telegraf
+mv /opt/telegraf-1.22.2/usr/bin/telegraf /opt/telegraf
 
 chmod 544 /opt/telegraf
 
diff --git a/kubernetes/windows/setup.ps1 b/kubernetes/windows/setup.ps1
index af9e4b40e..2fd429e43 100644
--- a/kubernetes/windows/setup.ps1
+++ b/kubernetes/windows/setup.ps1
@@ -35,7 +35,7 @@ Write-Host ('Finished Installing Fluentbit')
 
 Write-Host ('Installing Telegraf');
 try {
-    $telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.20.3_windows_amd64.zip'
+    $telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.22.2_windows_amd64.zip'
     Invoke-WebRequest -Uri $telegrafUri -OutFile /installation/telegraf.zip
     Expand-Archive -Path /installation/telegraf.zip -Destination /installation/telegraf
     Move-Item -Path /installation/telegraf/*/* -Destination /opt/telegraf/ -ErrorAction SilentlyContinue

From 87463749c4dae5e481c340496db99838ebd59c5e Mon Sep 17 00:00:00 2001
From: Amol Agrawal <amagraw@microsoft.com>
Date: Thu, 28 Apr 2022 17:22:48 +0000
Subject: [PATCH 2/3] remove changes committed by mistake

---
 .trivyignore | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 079683ab1..fd8514674 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -5,9 +5,9 @@ CVE-2019-3826
 CVE-2022-27191
 
 # ruby in /usr/lib
-# CVE-2020-36327
-# CVE-2021-43809
-# CVE-2021-41816
-# CVE-2021-41819
-# CVE-2021-31799
-# CVE-2021-28965
\ No newline at end of file
+CVE-2020-36327
+CVE-2021-43809
+CVE-2021-41816
+CVE-2021-41819
+CVE-2021-31799
+CVE-2021-28965
\ No newline at end of file

From 720fb2c6cf7b0b22720a0e2bb2befe3712f90084 Mon Sep 17 00:00:00 2001
From: Amol Agrawal <amagraw@microsoft.com>
Date: Thu, 28 Apr 2022 17:37:40 +0000
Subject: [PATCH 3/3] add CVE present in mdsd telegraf

---
 .trivyignore | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.trivyignore b/.trivyignore
index fd8514674..3a8089422 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -4,6 +4,9 @@
 CVE-2019-3826
 CVE-2022-27191
 
+#still present in mdsd telegraf
+CVE-2021-42836
+
 # ruby in /usr/lib
 CVE-2020-36327
 CVE-2021-43809