
remove gosu CVEs by custom building gosu with updated golang

Open · nathanlaceyraft opened this issue 10 months ago · 1 comment

gosu is built with an unsupported version of Go (1.18). The two supported Go versions that have the most CVEs resolved are 1.23.6 and 1.24.0; I felt using 1.23.6 was a safer upgrade.

This PR custom-builds gosu with a currently supported Go version and copies it into the final image.

trivy image --scanners vuln wiremock/wiremock:3.12.0 shows that we'll get rid of the following CVEs:

usr/local/bin/gosu (gobinary)

Total: 58 (UNKNOWN: 0, LOW: 1, MEDIUM: 23, HIGH: 31, CRITICAL: 3)

Thanks for your consideration

  • TODO

Submitter checklist

  • [ ] Recommended: Join WireMock Slack to get any help in #help-contributing or a project-specific channel like #wiremock-java
  • [ ] The PR request is well described and justified, including the body and the references
  • [ ] The PR title represents the desired changelog entry
  • [ ] The repository's code style is followed (see the contributing guide)
  • [ ] Test coverage that demonstrates that the change works as expected
  • [ ] For new features, there's necessary documentation in this pull request or in a subsequent PR to wiremock.org

nathanlaceyraft · Feb 24 '25 19:02
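The approach the PR describes (build gosu from source with a supported Go toolchain in a separate stage, then copy the binary over the one in the WireMock image) as an added multi-stage Dockerfile example. This is illustrative code, not the wiremock-docker project's own Dockerfile or the PR's diff. Assumptions not on the page: the gosu source lives at https://github.com/tianon/gosu, the git tag is taken as 1.17 (adjust to the release you want), the `golang:1.23.6-bookworm` builder image and its `git` are available, and BuildKit is enabled so `COPY --chmod` works. The base image, Go version and target path `/usr/local/bin/gosu` are the ones named in the PR.

```dockerfile
# Added example, not the wiremock-docker project's Dockerfile.
# Assumed: gosu source at github.com/tianon/gosu, tag 1.17; Go 1.23.6 per the PR;
# final image wiremock/wiremock:3.12.0 per the PR.

# ---- stage 1: build gosu from source with a supported Go toolchain ----
FROM golang:1.23.6-bookworm AS gosu-build
ARG GOSU_VERSION=1.17
# Pin to a tag so the rebuild is reproducible; --depth 1 keeps the fetch small.
RUN git clone --depth 1 --branch "${GOSU_VERSION}" \
        https://github.com/tianon/gosu.git /src/gosu
WORKDIR /src/gosu
# CGO_ENABLED=0 yields a static binary with no libc dependency on the target image;
# -trimpath and -s -w strip build paths and symbols from the output.
RUN CGO_ENABLED=0 go build -trimpath -ldflags='-s -w' -o /out/gosu .
# Sanity checks at build time: the binary runs, and `go version -m` reports the
# toolchain embedded in it (this is what Trivy reads to decide which Go CVEs apply).
RUN /out/gosu --version && go version -m /out/gosu | head -n 1

# ---- stage 2: replace the gosu shipped in the WireMock image ----
FROM wiremock/wiremock:3.12.0
# Same path the Trivy report flagged. Executable by all, writable only by root,
# and deliberately not setuid: gosu is meant to be run by root to drop privileges.
COPY --from=gosu-build --chown=root:root --chmod=0755 /out/gosu /usr/local/bin/gosu
RUN gosu --version
```

After building, rerun the scan the PR used, `trivy image --scanners vuln <your-image>`, and confirm the `usr/local/bin/gosu (gobinary)` section has shrunk or disappeared. Two caveats: Trivy attributes these findings to the Go standard library version recorded in the binary, so the fix only lasts until the next stdlib CVE, and the builder image tag should be bumped with each Go patch release; and pinning the gosu tag only pins a name, so record the commit hash (or the built binary's checksum) in CI if you want the build to be verifiable later.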

Is there a desire to get this one merged? We're also facing CVEs with golang.

edminshull · Feb 28 '25 15:02