Fix multiple CVE

[sseide]

Description

This patch updates some dependencies used to fix multiple security warnings found within these libraries or its dependencies.

Motivation and Context

• jsoup to 1.15.3 (fixes CVE-2022-36033)
• jackson to 2.13.4 and jackson-databind to 2.13.4.2 (fixes CVE-2022-42004, CVE-2022-42003)
• tika-parsers to 1.28.5 (CVE-2022-33879 and for updated dependencies of jackson)

Additionally i added the new GPG key for the jackson project and remove one old key
that expired in 2016. The other key from jackson project expired just some months ago, so i
let it there. The new key is taken from the Jackson main repositories KEYS file (https://github.com/FasterXML/jackson/blob/master/KEYS)

How Has This Been Tested?

Tested ourself using jmeter with newer libraries and run gradle check

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)

Checklist:

• My code follows the code style of this project.
• I have updated the documentation accordingly.

[sseide]

i added another update for commons-net to 3.9.0 fixing CVE-2021-37533.
Tests running again without error.

[sseide]

and updated xstream to 1.4.20 fixing CVE-2022-40151 and CVE-2022-41966
local tests running again without problem.