chore(deps): bump rustls-webpki and tokio-rustls

[sl8vz]

Due to recent vulnerabilities findings, minimal bump to allow lib users to bump necessary crates.

• https://rustsec.org/advisories/RUSTSEC-2026-0047
• https://rustsec.org/advisories/RUSTSEC-2026-0049

[thehouseisonfire]

Thank you for the issue, I have a fix out for this on my end.

[sl8vz]

@thehouseisonfire we're likely moving to your fork since current crate is not maintained

[kattassen]

Some more vulnerabilities found in rustls-webpki. Both of them fixed in 0.103.12 which suggest using this version rather than 0.103.10.

• https://rustsec.org/advisories/RUSTSEC-2026-0098
• https://rustsec.org/advisories/RUSTSEC-2026-0099

[bhormell]

+1 from a downstream consumer (Nodalix industrial automation platform — MQTT + Sparkplug B drivers).

Beyond the RUSTSEC-2026-0047 and -0049 cited in the PR description, this same rustls-webpki 0.102.8 → 0.103.x bump would also resolve three more advisories tagged against the pinned version:

• RUSTSEC-2026-0098 — name constraints for URI names incorrectly accepted
• RUSTSEC-2026-0099 — name constraints accepted for certificates asserting a wildcard name
• RUSTSEC-2026-0104 — reachable panic in CRL parsing

Worth mentioning in the PR description if helpful for reviewer prioritization. Tracked downstream at Nodalix/nodalix-platform#288.

Thanks for the work — appreciated.