go.mod: vulnerabilities: bump go version to 1.23.12

[FilWisher]

What is the problem I am trying to address?

Go vulnerabilities in the current builds cause by building with Go 1.23.5.

How is the fix applied?

Bumping the minor version in go.mod, now at 1.23.12.

What GitHub issue(s) does this PR fix or close?

N/A

Details

govulncheck detects some vulnerabilities from the current builds that are resolved by bumping the minor Go version to .12. I have kept the major version the same.

On current main:

$ go build -o athens ./cmd/proxy/main.go
$ govulncheck -mode binary ./athens
=== Symbol Results ===

Vulnerability #1: GO-2025-3956
    Unexpected paths returned from LookPath in os/exec
  More info: https://pkg.go.dev/vuln/GO-2025-3956
  Standard library
    Found in: os/[email protected]
    Fixed in: os/[email protected]
    Vulnerable symbols found:
      #1: exec.LookPath

Vulnerability #2: GO-2025-3849
    Incorrect results returned from Rows.Scan in database/sql
  More info: https://pkg.go.dev/vuln/GO-2025-3849
  Standard library
    Found in: database/[email protected]
    Fixed in: database/[email protected]
    Vulnerable symbols found:
      #1: sql.Row.Scan
      #2: sql.Rows.Scan

Vulnerability #3: GO-2025-3751
    Sensitive headers not cleared on cross-origin redirect in net/http
  More info: https://pkg.go.dev/vuln/GO-2025-3751
  Standard library
    Found in: net/[email protected]
    Fixed in: net/[email protected]
    Vulnerable symbols found:
      #1: http.Client.Do
      #2: http.Client.Get
      #3: http.Client.Head
      #4: http.Client.Post
      #5: http.Client.PostForm

Vulnerability #4: GO-2025-3563
    Request smuggling due to acceptance of invalid chunked data in net/http
  More info: https://pkg.go.dev/vuln/GO-2025-3563
  Standard library
    Found in: net/http/[email protected]
    Fixed in: net/http/[email protected]
    Vulnerable symbols found:
      #1: internal.chunkedReader.Read

Your code is affected by 4 vulnerabilities from the Go standard library.
This scan also found 0 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.

After version bump:

$ go build -o athens ./cmd/proxy/main.go
$ govulncheck -mode=binary ./athens 
=== Symbol Results ===

No vulnerabilities found.

Your code is affected by 0 vulnerabilities.
This scan also found 0 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.

[nrwiersma]

Couple other places to change this:
https://github.com/search?q=repo%3Agomods%2Fathens%20%221.23%22&type=code

[FilWisher]

Good catch, updated!