Conversation

@bjee19 (Contributor) commented Oct 1, 2025

Update Dockerfile Alpine packages libcrypto3 and libssl3 to fix CVEs.

Verified NGINX Plus image does not contain libcrypto3 or libssl3 Alpine packages, and after these changes, the packages in the built Docker image have the updated versions.

@github-actions github-actions bot added the chore Pull requests for routine tasks label Oct 1, 2025
codecov bot commented Oct 1, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.80%. Comparing base (d32ef5a) to head (43d9395).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3993      +/-   ##
==========================================
+ Coverage   86.78%   86.80%   +0.01%     
==========================================
  Files         128      128              
  Lines       16607    16607              
  Branches       62       62              
==========================================
+ Hits        14412    14415       +3     
+ Misses       2011     2009       -2     
+ Partials      184      183       -1     

@bjee19 (Contributor, Author) commented Oct 1, 2025

CVE links:

https://security.alpinelinux.org/vuln/CVE-2025-9230
https://security.alpinelinux.org/vuln/CVE-2025-9231
https://security.alpinelinux.org/vuln/CVE-2025-9232

Choosing not to apk add openssl>=3.5.4-r0 since the whole openssl package isn't actually used; only the libcrypto3 and libssl3 packages are used. So we can instead just do those 2 packages.

docker run --rm \
  --entrypoint /bin/sh \
  nginx-gateway-fabric/nginx:b.jee \
  -c 'apk list --installed'

...
libssl3-3.5.4-r0 aarch64 {openssl} (Apache-2.0) [installed]
...
libcrypto3-3.5.4-r0 aarch64 {openssl} (Apache-2.0) [installed]

Which are the correct versions.
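
The manual check in the comment above can be turned into a repeatable gate. The script below is an added example, not part of the pull request or the project's tooling: it parses `apk list --installed` output and reports whether each package is at or above a minimum fixed version. The function names, exit codes and the sample lines with older or unrelated versions are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the PR): check `apk list --installed` output
# against a minimum fixed version per package.

# version_ge A B: true when A >= B. Assumption: GNU `sort -V` ordering stands
# in for apk's own comparison, which is adequate for numeric X.Y.Z-rN versions.
version_ge() {
    [ "$1" = "$2" ] && return 0
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# installed_version PKG: reads apk list lines on stdin, prints PKG's version.
# The first field is <name>-<version>-r<release>; split at the version suffix.
installed_version() {
    awk -v pkg="$1" '
        match($1, /-[0-9][^-]*-r[0-9]+$/) {
            if (substr($1, 1, RSTART - 1) == pkg) {
                print substr($1, RSTART + 1); exit
            }
        }'
}

# check_min FILE PKG MIN: 0 = at or above MIN, 1 = older, 2 = not installed.
check_min() {
    have=$(installed_version "$2" < "$1")
    if [ -z "$have" ]; then echo "ABSENT $2"; return 2; fi
    if version_ge "$have" "$3"; then echo "OK     $2 $have"; return 0; fi
    echo "OLD    $2 $have (need >= $3)"; return 1
}

# Constructed sample input: the libssl3 line matches the output quoted above,
# the older libcrypto3 line and the musl line are made up for the demonstration.
sample=$(mktemp)
cat > "$sample" <<'EOF'
libssl3-3.5.4-r0 aarch64 {openssl} (Apache-2.0) [installed]
libcrypto3-3.5.3-r0 aarch64 {openssl} (Apache-2.0) [installed]
musl-1.2.5-r10 aarch64 {musl} (MIT) [installed]
EOF
for pkg in libssl3 libcrypto3 openssl; do
    check_min "$sample" "$pkg" 3.5.4-r0 || echo "  -> gate fails or package absent: $pkg"
done
rm -f "$sample"
```

To run it against a real image, save the output of the `docker run ... apk list --installed` command above to a file and pass that file to `check_min`. Inside an Alpine container, `apk version -t` is the authoritative comparator and can replace `version_ge`.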

@bjee19 bjee19 merged commit 8f7b093 into main Oct 1, 2025
45 checks passed
@bjee19 bjee19 deleted the chore/fix-more-cves branch October 1, 2025 20:36
@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in NGINX Gateway Fabric Oct 1, 2025
bjee19 added a commit that referenced this pull request Oct 1, 2025
Update Dockerfile Alpine packages libcrypto3 and libssl3 to fix CVEs.