Update Octopus.Tentacle dependencies to mitigate System.Drawing.Common CVE

[acodrington]

Remove implicit dependencies on System.Drawing.Common to address CVE-2021-24112. This is achieved by updating the following references in Octopus.Tentacle to the latest versions:

• System.Diagnostics.EventLog (7.0.0 -> 8.0.0)
• System.DirectoryServices.AccountManagement (5.0.0 -> 8.0.0)
• System.Security.Cryptography.ProtectedData (4.5.0 -> 8.0.0)

Background

There is a CVE lodged against the version of System.Drawing.Common being referenced.

Results

Partially fixes Upgrade all usages of System.Drawing.Common in Tentacle.

The following will be completed in future PRs to fully address the CVE:

• Halibut must be updated to a new version that mitigates this vulnerability
• Implicit references in Octopus.Tentacle.Contracts must be removed.

Before

Octopus.Tentacle implicitly references System.Drawing.Common 5.0.0

After

No implicit references to System.Drawing.Common in Octopus.Tentacle

How to review this PR

Quality ✔️

Pre-requisites

• I have read How we use GitHub Issues for help deciding when and where it's appropriate to make an issue.
• I have considered informing or consulting the right people, according to the ownership map.
• I have considered appropriate testing for my change.

[acodrington]

[sc-65659]

[shortcut-integration]

This pull request has been linked to Shortcut Story #65659: Find where we missed updating System.ServiceProcess.ServiceController in Tentacle due to CVE.

[evolutionise]

LGTM

We can close the related issue when I merge the PR with the updated Halibut version I guess