Update vendored openssl, sequoia-openpgp and zerovec crates

The previous version of those crates have known security issues, fixed
in the latest version:

openssl v0.10.64 → v0.10.66 (RUSTSEC-2024-0357)
sequoia-openpgp v1.20.0 → v1.21.2 (RUSTSEC-2024-0345)
zerovec v0.10.2 → v0.10.4 (RUSTSEC-2024-0347)
zerovec-derive v0.10.2 → v0.10.3 (RUSTSEC-2024-0346)

Related: RHEL-45863
Signed-off-by: Daiki Ueno <dueno@redhat.com>

rust-sequoia-sq.spec

@@ -26,6 +26,7 @@ Source0:        %{crates_source}
 # Generated using cargo-vendor-filterer:
 #   cargo download %%{crate}==%%{version} > %%{crate}-%%{version}.crate
 #   tar xf %%{crate}-%%{version}.crate
+#   cargo update ... # optional, if you want to update specific dependencies
 #   pushd %%{crate}-%%{version}
 #   cargo vendor-filterer --platform x86_64-unknown-linux-gnu \
 #                         --platform powerpc64le-unknown-linux-gnu \
@@ -106,6 +107,8 @@ License:        LGPL-2.0-or-later AND Apache-2.0 AND BSL-1.0 AND BSD-3-Clause AN
 
 # drop broken integration tests
 rm -vr subplot/
+# don't lock the dependencies
+rm -f Cargo.lock
 %else
 %cargo_prep
 # drop broken integration tests

sources

@@ -1,3 +1,3 @@
 SHA512 (sequoia-sq-0.37.0.crate) = c716284bfd1f8492d7f073c07adbbfd73495573a8503d7aa5e24a42873a50392086c69c25a1bd655e3d09df6c369bc2568d02dfda3dc83c189cb9187c440162c
-SHA512 (rust-sequoia-sq-0.37.0-vendor.tar.xz) = 2776bfdeb0ab15b2de38175cd964dfdcf2c56cfd8464fc7ab61e9555afc40931e9e090cea3b42137a64333bd9711c6621b2cf4098a47c24b50e5e6cd0d3216d7
+SHA512 (rust-sequoia-sq-0.37.0-vendor.tar.xz) = 27ef8c7dfbb535ce51534b9bd66a5cea2f5fcf779dfd69b95002b0e0e30641f9bc69240d83ed8dc11e07ca79cec1dd067938e4367036d85f8367a2ec6c09e45b
 SHA512 (capnproto-c++-1.0.1.tar.gz) = c60291f433eea15a51e480e1679a4b9b3b5e67edebc445e371a7a32fce6ec5a7e4b440b17b2adc0565519ec369e3dae8ea727ae790a082a53ecd0d245b5275a9