
fix: bump openssl version #132

Merged
merged 1 commit into from
Feb 3, 2025

Conversation


@LesnyRumcajs LesnyRumcajs commented Feb 3, 2025

Summary of changes

Changes introduced in this pull request:

  • fixes openssl vulnerability reported by cargo deny and blocking the CI

Reference issue to close (if applicable)

Closes

Other information and links

error[vulnerability]: ssl::select_next_proto use after free
    ┌─ /home/rumcajs/prj/forest-explorer/Cargo.lock:192:1
    │
192 │ openssl 0.10.68 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2025-0004
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2025-0004
    ├ In `openssl` versions before `0.10.70`, `ssl::select_next_proto` can return a slice pointing into the `server` argument's buffer but with a lifetime bound to the `client` argument. In situations where the `server` buffer's lifetime is shorter than the `client` buffer's, this can cause a use after free. This could cause the server to crash or to return arbitrary memory contents to the client.

      `openssl` 0.10.70 fixes the signature of `ssl::select_next_proto` to properly constrain the output buffer's lifetime to that of both input buffers.

      In standard usage of `ssl::select_next_proto` in the callback passed to `SslContextBuilder::set_alpn_select_callback`, code is only affected if the `server` buffer is constructed *within* the callback. For example:

      Not vulnerable - the server buffer has a `'static` lifetime:
      ```rust
      builder.set_alpn_select_callback(|_, client_protos| {
          ssl::select_next_proto(b"\x02h2", client_protos).ok_or_else(AlpnError::NOACK)
      });
      ```

      Not vulnerable - the server buffer outlives the handshake:
      ```rust
      let server_protos = b"\x02h2".to_vec();
      builder.set_alpn_select_callback(|_, client_protos| {
          ssl::select_next_proto(&server_protos, client_protos).ok_or_else(AlpnError::NOACK)
      });
      ```

      Vulnerable - the server buffer is freed when the callback returns:
      ```rust
      builder.set_alpn_select_callback(|_, client_protos| {
          let server_protos = b"\x02h2".to_vec();
          ssl::select_next_proto(&server_protos, client_protos).ok_or_else(AlpnError::NOACK)
      });
      ```
    ├ Announcement: https://github.com/sfackler/rust-openssl/security/advisories/GHSA-rpmj-rpgj-qmpm
    ├ Solution: Upgrade to >=0.10.70 (try `cargo update -p openssl`)
    ├ openssl v0.10.68
      └── native-tls v0.2.12
          ├── hyper-tls v0.6.0
          │   └── reqwest v0.12.12
          │       └── forest-explorer v0.1.0
          ├── reqwest v0.12.12 (*)
          └── tokio-native-tls v0.3.1
              ├── hyper-tls v0.6.0 (*)
              └── reqwest v0.12.12 (*)

Change checklist

  • I have performed a self-review of my own code,
  • I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
  • I have added tests that prove my fix is effective or that my feature works (if possible),
  • I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.
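The lifetime constraint the advisory above describes, as an added example that is not code from this PR, the forest-explorer project or the openssl crate: a stand-alone ALPN selector whose signature ties the returned slice to both input buffers, as openssl 0.10.70 does, so a `server` buffer created inside the callback can no longer escape it. The wire format parser and the server-preference selection order are this example's own assumptions, modelled on how ALPN lists are laid out.

```rust
// Added example (not code from the forest-explorer project or the openssl
// crate): a pure-Rust ALPN selector with the lifetime signature that
// openssl 0.10.70 adopted. Both inputs share one lifetime 'a, so the
// returned slice cannot outlive whichever buffer it actually points into.

/// Splits an ALPN wire list (`len`-prefixed names, e.g. b"\x02h2\x08http/1.1")
/// into its protocol names. Returns None if a length byte runs past the end
/// or a name is empty (assumed format, following the ALPN wire encoding).
fn parse_protos(list: &[u8]) -> Option<Vec<&[u8]>> {
    let mut protos = Vec::new();
    let mut rest = list;
    while let Some((&len, tail)) = rest.split_first() {
        let len = len as usize;
        if len == 0 || len > tail.len() {
            return None; // malformed: empty name or truncated entry
        }
        let (name, tail) = tail.split_at(len);
        protos.push(name);
        rest = tail;
    }
    Some(protos)
}

/// Picks the first protocol in `server`'s preference order that `client`
/// also offers. The result borrows from `server`, exactly the case the
/// advisory describes; with the single shared lifetime 'a the compiler
/// rejects returning it from a callback that built `server` locally.
/// (The pre-0.10.70 signature tied the result only to `client`, so that
/// pattern compiled and the slice dangled after the callback returned.)
fn select_next_proto<'a>(server: &'a [u8], client: &'a [u8]) -> Option<&'a [u8]> {
    let server_protos = parse_protos(server)?;
    let client_protos = parse_protos(client)?;
    server_protos
        .into_iter()
        .find(|s| client_protos.iter().any(|c| c == s))
}

fn main() {
    // Constructed sample lists: server prefers h2, client prefers http/1.1.
    let server: &'static [u8] = b"\x02h2\x08http/1.1";
    let client = b"\x08http/1.1\x02h2".to_vec();
    match select_next_proto(server, &client) {
        Some(p) => println!("negotiated {}", String::from_utf8_lossy(p)),
        None => println!("no common protocol (NOACK)"),
    }
}
```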

@LesnyRumcajs LesnyRumcajs requested a review from a team as a code owner February 3, 2025 09:17
@codecov-commenter

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 10.10%. Comparing base (4462a8c) to head (3094c21).

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #132   +/-   ##
=======================================
  Coverage   10.10%   10.10%           
=======================================
  Files          25       25           
  Lines        1277     1277           
=======================================
  Hits          129      129           
  Misses       1148     1148           


@LesnyRumcajs LesnyRumcajs added this pull request to the merge queue Feb 3, 2025
Merged via the queue into main with commit 3dd52e9 Feb 3, 2025
5 checks passed
@LesnyRumcajs LesnyRumcajs deleted the fix-openssl-vuln branch February 3, 2025 10:38