stackabletech / docker-images

Apache License 2.0

Mitigate CVE-2023-37920 by removing e-Tugra root certificates #673

Closed sbernauer closed 2 months ago

sbernauer commented 2 months ago

Description

Secobserve shows 396 hits across all images and all versions

Definition of Done Checklist

- [x] Changes are OpenShift compatible
- [x] All added packages (via microdnf or otherwise) have a comment on why they are added
- [x] Things not downloaded from Red Hat repositories should be mirrored in the Stackable repository and downloaded from there
- [x] All packages should have (if available) signatures/hashes verified
- [x] Add an entry to the CHANGELOG.md file
- [x] Integration tests ran successfully
TIP: Running integration tests with a new product image

The image can be built and uploaded to the kind cluster with the following commands:

```shell
bake --product  --image-version 
kind load docker-image  --name=
```

See the output of `bake` to retrieve the image tag for ``.
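A check a reviewer of this change would want to run against the built image is whether the trust store actually lost the e-Tugra roots. The script below is an added example, not code from this PR or from the Stackable project: it walks every PEM block in a CA bundle (the system bundle or the file returned by `certifi.where()`, since CVE-2023-37920 is the advisory under which certifi dropped these roots) and flags any certificate whose DER contains an "E-Tugra" subject string. It deliberately avoids an X.509 parser so it runs with the standard library only; the byte search is a heuristic, not a full name comparison. The embedded sample bundle is constructed for the demo and is not made of real certificates.

```python
"""Scan a PEM CA bundle for e-Tugra roots that should have been removed.

Added example, not code from the stackabletech/docker-images PR.
Usage: python scan_bundle.py /etc/pki/tls/certs/ca-bundle.crt
Without an argument it scans the constructed SAMPLE_BUNDLE below.
"""
import base64
import re
import sys
from typing import List, Tuple

# Name fragments to look for. The match is a case-insensitive byte search over
# the whole DER blob rather than a parsed subject, so this is a heuristic check
# that needs no third-party X.509 library.
DISTRUSTED_NAME_FRAGMENTS = (b"e-tugra",)

_PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S
)


def iter_der_certs(pem_data: bytes):
    """Yield (index, der_bytes) for every CERTIFICATE block in a PEM bundle."""
    for idx, match in enumerate(_PEM_RE.finditer(pem_data)):
        b64 = b"".join(match.group(1).split())
        try:
            yield idx, base64.b64decode(b64, validate=True)
        except ValueError:
            # A malformed block should not abort the scan of the rest.
            continue


def find_distrusted(
    pem_data: bytes, fragments=DISTRUSTED_NAME_FRAGMENTS
) -> List[Tuple[int, bytes]]:
    """Return (certificate index, matched fragment) for each certificate whose
    DER bytes contain one of the distrusted name fragments."""
    hits = []
    for idx, der in iter_der_certs(pem_data):
        lowered = der.lower()
        for frag in fragments:
            if frag in lowered:
                hits.append((idx, frag))
                break
    return hits


def count_certs(pem_data: bytes) -> int:
    """Number of decodable CERTIFICATE blocks in the bundle."""
    return sum(1 for _ in iter_der_certs(pem_data))


def _fake_pem(payload: bytes) -> bytes:
    """Wrap constructed bytes in a PEM CERTIFICATE envelope for the demo.
    The payload is a lone UTF8String TLV, not a real DER certificate."""
    body = base64.encodebytes(payload)
    return b"-----BEGIN CERTIFICATE-----\n" + body + b"-----END CERTIFICATE-----\n"


# Constructed sample bundle (assumption: not real certificates). The first block
# carries a subject string in the style of the removed roots, the second does not.
SAMPLE_BUNDLE = (
    _fake_pem(b"\x0c\x1fE-Tugra Certification Authority")
    + _fake_pem(b"\x0c\x14Example Trusted Root")
)


def main(argv) -> int:
    """Exit 1 if any distrusted root is still present, 0 otherwise."""
    path = argv[1] if len(argv) > 1 else None
    data = open(path, "rb").read() if path else SAMPLE_BUNDLE
    hits = find_distrusted(data)
    print(f"{count_certs(data)} certificate(s) scanned, {len(hits)} distrusted match(es)")
    for idx, frag in hits:
        print(f"  cert #{idx}: contains {frag.decode()!r}")
    return 1 if hits else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it inside the built container against both the system bundle and any vendored Python `certifi` bundle; a non-zero exit means the removal did not reach that trust store. A subject search cannot tell a root from an intermediate, so inspect any hit with `openssl x509 -noout -subject -issuer` before deciding it is a false positive.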
fhennig commented 2 months ago

SBOM and Changelog? Looks good otherwise

sbernauer commented 2 months ago

Add a changelog entry, thanks!

AFAIK the SBOMs are automatically built on push, @lfrancke can we remove the checklist item "Does your change affect an SBOM? Make sure to update all SBOMs"?

lfrancke commented 2 months ago

Yes, that checklist item can be removed (for now). Andrew also asked me about it. I'm sorry, it causes more confusion than it does good right now. I'll raise a PR for it.

At some point this might become relevant again but not now.