[3.5] Backport update to latest go 1.19.7 release

[jmhbnz]

Mitigates CVE-2023-24532, refer: https://groups.google.com/g/golang-dev/c/3wmx8i5WvNY/m/AEOlccrGAwAJ?utm_medium=email&utm_source=footer

Relates to #15426

/area security

Note: I somehow missed some nested go.mod updates from 1.17 to 1.19 when I previously backported 1.19.6 update so I am tidying up those in this pull request also.

[ahrtr]

Please also update the changelog for both 3.5 and 3.4. @jmhbnz

[jmhbnz]

Please also update the changelog for both 3.5 and 3.4. @jmhbnz

Hey @ahrtr recently when we backported 1.19.6 to 3.5 and 3.4 we added generic go changelog entries to state the migration to 1.19+. Should we make these more specific to go minor release, or are the existing CHANGELOG entries ok?

Example: https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md#go

Go

• Require Go 1.19+.
• Compile with Go 1.19+

[ahrtr]

Right, the existing CHANGELOG entries seem OK. The only minor comment is it's still linking to the previous PR. It shouldn't a big deal, as we may continue to bump go minor version in following patch release. Let's leave it as it's if there is no concern from other maintainers.