chore(dependencies): pin org.bitbucket.b_c:jose4j to version 0.9.3
to resolve GHSA-jgvc-jfgh-rjvv

No change in dependencies in kork. `./gradlew clouddriver-kubernetes:dependencies` and
`./gradlew orca-clouddriver:dependencies` change as follows.

before:

+--- io.kubernetes:client-java -> 11.0.4
|    \--- org.bitbucket.b_c:jose4j:0.7.3
|         \--- org.slf4j:slf4j-api:1.7.21 -> 1.7.36

after:

+--- io.kubernetes:client-java -> 11.0.4
|    \--- org.bitbucket.b_c:jose4j:0.7.3 -> 0.9.3
|         \--- org.slf4j:slf4j-api:1.7.21 -> 1.7.36

Note that spinnaker/clouddriver#6133 teaches clouddriver to use
version 13.0.2 of io.kubernetes.client-java-api-fluent. It's easy enough to get version
13.0.2 of io.kubernetes.client-java as well. Unfortunately, that only brings the
dependency on org.bitbucket.b_c:jose4j from 0.7.3 to 0.7.8 which doesn't resolve the
vulnerability.

It takes at least [version 18.0.0 of
io.kubernetes.java:client-java](https://github.com/kubernetes-client/java/blob/v18.0.0/pom.xml#L153)
to get version 0.9.3 of org.bitbucket.b_c:jose4j "naturally", and doing that causes a
bunch of compiler errors in clouddriver.
dbyron-sf committed Feb 25, 2024
1 parent d7bbb6a commit 19d1264
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions spinnaker-dependencies/spinnaker-dependencies.gradle
@@ -139,6 +139,7 @@ dependencies {
api("javax.xml.bind:jaxb-api:2.3.1")
api("net.logstash.logback:logstash-logback-encoder:4.11")
api("org.apache.commons:commons-exec:1.3")
api("org.bitbucket.b_c:jose4j:0.9.3")
// from BC 1.71, module names changed from *-jdk15on to *-jdk18on
// due to this change, some of the modules in downstream services like clouddriver, gate would fall back to
// lower versions(<1.70) as transitive dependencies. So to make them use BC >=1.74(CVE free versions),
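Review bot: the added `api("org.bitbucket.b_c:jose4j:0.9.3")` line carries no comment explaining why the version is pinned, while the Bouncy Castle entries directly below it do. Since the commit message says the pin exists only to override the 0.7.3 that io.kubernetes:client-java 11.0.4 pulls in transitively (GHSA-jgvc-jfgh-rjvv) and that client-java 18.0.0 or later would resolve 0.9.3 on its own, a short comment such as `// pinned to resolve GHSA-jgvc-jfgh-rjvv; client-java < 18.0.0 pulls in jose4j 0.7.3` would tell a future maintainer when the pin can be dropped. It would also be worth stating in the message that no consumer declares jose4j with its own stricter constraint, as the `dependencies` output shown covers only clouddriver-kubernetes and orca-clouddriver.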