az-tdx-vtpm v0.7.4 built with out-of-date rust-openssl

[bodzhang]

Cargo deny scan flagged az-tdx-vtpm v0.7.4 as utilizing openssl v0.10.62 with known vulnerability:

  The maintainers thank [quitbug](https://github.com/quitbug/) for reporting this vulnerability to us.
├ Announcement: https://github.com/sfackler/rust-openssl/pull/2390
├ Solution: Upgrade to >=0.10.72 (try `cargo update -p openssl`)
├ openssl v0.10.62
  ├── az-cvm-vtpm v0.7.4
  │   └── az-tdx-vtpm v0.7.4

[mkulke]

this can probably be resolved as on the consumer side, the openssl dep for this crate should not be pinned.

e.g. the trustee project is consuming v0.7.4 and the openssl dep is resolved to v0.10.73:

https://github.com/confidential-containers/trustee/blob/71d9f9e8de045a4ac4a137218099aad0c202fa53/Cargo.lock#L3660-L3661