
Update MongoDB tools, Go version #53

Closed
wants to merge 2 commits into from

Conversation

padyx commented Aug 18, 2021

As mentioned in #37 there are some other vulnerabilities caused by the inclusion of a version of MongoDB tools, which in turn did not update their dependency on a vulnerable MongoDB Go-Driver:
MongoDB 100.4.0 includes the new GoDriver 1.6.

Upgrading this dependency should hopefully eliminate the appearance of CVE-2020-28852, CVE-2020-29652 for backman in Vulnerability reports.

But the new MongoDB driver is now included in the tools from 100.4.0 and above. See the release notes.

I've also included a small change to upgrade to the newest supported Go version without changing the minor (1.16.3 -> 1.16.7).

MongoDB tools are now separate, with different versioning.
MongoDB 100.4.0 includes the new GoDriver 1.6, fixing CVE-2020-28852, CVE-2020-29652.
padyx changed the title from "Update MongoDB tools" to "Update MongoDB tools, Go version" on Aug 18, 2021

padyx (Author) commented Aug 19, 2021

I've rebuilt the image locally and uploaded it for a scan to an internal security engine.

Good news

  • Along with the update of Go and new Ubuntu packages, the image went from 67 to 52 (potential) security issues.
  • CVE-2020-28472 seems resolved (aws-sdk package)
  • MongoDB Driver-related issue resolved (no CVE)
  • CVE-2020-28852 seems resolved

Not so good

  • CVE-2020-29652 sadly not resolved -- the mongodb-tools still depend on an old version of golang.org/x/crypto

However, I believe this PR would still make sense, as it does reduce the attack surface :)
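
The "not so good" item above comes down to which version of golang.org/x/crypto the rebuilt mongodump/mongorestore binaries were linked against. Go embeds that module list in every binary (`go version -m <binary>` prints it), so the check can be run against an exported image rootfs without a scanning service. The program below is an added example, not code from backman, the MongoDB tools, or this PR: it reads the embedded build info with the standard library's debug/buildinfo package and flags dependencies below a minimum version. The module paths and minimum versions in `defaultMinimums` are assumptions for illustration (the x/crypto pseudo-version we assume fixes CVE-2020-29652 and the x/text release we assume fixes CVE-2020-28852) and should be checked against an advisory database; the dependency list in `sampleDeps` is constructed, not taken from a real binary.

```go
// Added example, not part of backman or the PR: read the module list Go embeds
// in a binary (what `go version -m` prints) and flag dependencies that are
// still below a minimum version. Module paths and minimum versions are
// assumptions for illustration; check them against an advisory database.
package main

import (
	"debug/buildinfo"
	"flag"
	"fmt"
	"os"
	"path/filepath"
	"runtime/debug"
	"strconv"
	"strings"
)

// Finding records one dependency in one binary that is below the wanted version.
type Finding struct{ Binary, Module, Have, Want string }

// defaultMinimums: assumed lowest acceptable versions for the two modules the
// PR discussion names (x/crypto for CVE-2020-29652, x/text for CVE-2020-28852).
var defaultMinimums = map[string]string{
	"golang.org/x/crypto": "v0.0.0-20201216223049-8b5274cf687f",
	"golang.org/x/text":   "v0.3.5",
}

// versionLess reports whether module version a sorts before b under the semver
// rules Go modules use. Pseudo-versions order correctly because their
// pre-release part starts with a UTC timestamp.
func versionLess(a, b string) bool {
	aCore, aPre := splitVersion(a)
	bCore, bPre := splitVersion(b)
	for i := 0; i < 3; i++ {
		if aCore[i] != bCore[i] {
			return aCore[i] < bCore[i]
		}
	}
	switch {
	case aPre == "": // a release is never older than a pre-release of itself
		return false
	case bPre == "":
		return true
	}
	return preLess(aPre, bPre)
}

// splitVersion turns "v1.2.3-pre+meta" into [1 2 3] and "pre".
func splitVersion(v string) ([3]int, string) {
	v = strings.TrimPrefix(v, "v")
	if i := strings.IndexByte(v, '+'); i >= 0 {
		v = v[:i] // build metadata never affects ordering
	}
	var pre string
	if i := strings.IndexByte(v, '-'); i >= 0 {
		v, pre = v[:i], v[i+1:]
	}
	var core [3]int
	for i, part := range strings.SplitN(v, ".", 3) {
		core[i], _ = strconv.Atoi(part) // malformed component counts as 0
	}
	return core, pre
}

// preLess compares dot-separated pre-release identifiers: numeric ones
// numerically (and before alphanumeric ones), others lexically; a shorter list sorts first.
func preLess(a, b string) bool {
	as, bs := strings.Split(a, "."), strings.Split(b, ".")
	for i := 0; i < len(as) && i < len(bs); i++ {
		if as[i] == bs[i] {
			continue
		}
		an, aErr := strconv.Atoi(as[i])
		bn, bErr := strconv.Atoi(bs[i])
		switch {
		case aErr == nil && bErr == nil:
			return an < bn
		case aErr == nil:
			return true
		case bErr == nil:
			return false
		}
		return as[i] < bs[i]
	}
	return len(as) < len(bs)
}

// findBelowMinimum checks a dependency list against minimums. A replaced module
// is judged by its replacement, since that is what was actually linked in.
func findBelowMinimum(binary string, deps []*debug.Module, min map[string]string) []Finding {
	var out []Finding
	for _, dep := range deps {
		m := dep
		if dep.Replace != nil {
			m = dep.Replace
		}
		if want, ok := min[m.Path]; ok && versionLess(m.Version, want) {
			out = append(out, Finding{binary, m.Path, m.Version, want})
		}
	}
	return out
}

// checkBinary reads the build info embedded in one Go executable on disk.
func checkBinary(path string, min map[string]string) ([]Finding, error) {
	info, err := buildinfo.ReadFile(path)
	if err != nil {
		return nil, err
	}
	return findBelowMinimum(path, info.Deps, min), nil
}

// scanDir walks a directory (for instance an exported image rootfs) and checks
// every regular file that carries Go build info; everything else is skipped.
func scanDir(root string, min map[string]string) ([]Finding, error) {
	var all []Finding
	err := filepath.WalkDir(root, func(path string, d os.DirEntry, err error) error {
		if err != nil {
			if d == nil {
				return err // the root itself is missing or unreadable
			}
			return nil // unreadable entries further down are skipped
		}
		if !d.Type().IsRegular() {
			return nil
		}
		if f, ferr := checkBinary(path, min); ferr == nil { // not a Go binary: ignore
			all = append(all, f...)
		}
		return nil
	})
	return all, err
}

// sampleDeps is a constructed module list standing in for what a scanner might
// report for a 100.4.x mongodump: x/text already current, x/crypto still old.
func sampleDeps() []*debug.Module {
	return []*debug.Module{
		{Path: "go.mongodb.org/mongo-driver", Version: "v1.6.0"},
		{Path: "golang.org/x/text", Version: "v0.3.6"},
		{Path: "golang.org/x/crypto", Version: "v0.0.0-20200622213623-75b288015ac9"},
	}
}

func main() {
	dir := flag.String("dir", "", "directory to scan for Go binaries (e.g. an exported image rootfs)")
	flag.Parse()
	var findings []Finding
	if *dir == "" {
		findings = findBelowMinimum("mongodump (constructed sample)", sampleDeps(), defaultMinimums)
	} else {
		var err error
		if findings, err = scanDir(*dir, defaultMinimums); err != nil {
			fmt.Fprintln(os.Stderr, "scan failed:", err)
			os.Exit(2)
		}
	}
	for _, f := range findings {
		fmt.Printf("%s: %s %s is below %s\n", f.Binary, f.Module, f.Have, f.Want)
	}
	if len(findings) > 0 {
		os.Exit(1)
	}
}
```

Run it with no arguments to see the constructed sample flagged, or with `-dir` pointing at a rootfs exported with `docker export`, in which case a non-zero exit makes it usable as a CI gate. Because the dependency list comes from the binary itself rather than from a Dockerfile or go.mod, it reflects exactly what was linked, including `replace` directives.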

JamesClonk (Member) commented

@padyx Unfortunately I cannot merge this PR.

  • Our internal MongoDB service offering is on v4.x, I do not want to mismatch the major version of client and server tooling
  • While experimenting with the 5.x tooling I continuously ran into the following bug: https://jira.mongodb.org/browse/TOOLS-2946

I did update the Golang version in the Dockerfile from 1.16.3 to 1.16.7 though.

JamesClonk (Member) commented

@padyx Further testing showed that the 5.x tools seem to work fine with the 4.x server, so I've updated them in the Dockerfile and CI/build scripts. I've built a new docker image 1.28.1 with it.

JamesClonk closed this Aug 27, 2021

padyx (Author) commented Aug 29, 2021

Awesome, thank you!
