Update CRT submodules to latest releases

[IsaevIlya]

Update CRT submodules to latest releases

Full CRT changes

Submodule mountpoint-s3-crt-sys/crt/aws-c-common fadfef4..7a6f5df:
  > Fix dependency build failure on old cmake versions (#1176)
Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 337155f..1c80418:
  > Improve Copy Operation by taking the Source URI (#482)
  > Auto - Update S3 Ruleset & Partition (#483)
  > Fix CI for GCC-13 on Ubuntu-18  (#479)
  > [s3_client]: retry on failed TLS negotiation (#478)
  > [s3_meta_request]: Retry on ExpiredToken (#472)
  > Remove Extra Platform Info That Is Not Used (#475)
  > Respect checksum header over settings from options (#474)
  > Add full object checksum callback (#473)
Submodule mountpoint-s3-crt-sys/crt/aws-c-sdkutils ce09f79..1ae8664:
  > Update Config File Parsing Logic to Parse Services Section (#51)
  > Switch CI to use Roles (#49)
Submodule mountpoint-s3-crt-sys/crt/aws-lc 5982853..697acc6:
  > Prepare release v1.42.0 (#2094)
  > alignas(16) unsupported w/ GCC 7.2 for ARM32 (#2086)
  > Update ML-KEM's internal header files to use unique include guards (#2078)
  > Provide FIPS_is_entropy_cpu_jitter() (#2088)
  > CMake, use 'NOT WIN32' instead of 'UNIX' (#2075)
  > Only need libunwind for testing (#2093)
  > Add more logging for SSL_ERROR_SYSCALL errors in bssl_shim.cc (#2079)
  > Add more test coverage for Ruby/OpenSSL gem (#2085)
  > aws-lc-rs scripts now use nightly (#2087)
  > ML-DSA unique names (#2072)
  > Fix python tests for upstream PR 128036 (#2080)
  > Remove algorithms from testmodulewrapper that are now used in the real modulewrapper (#2069)
  > Fix tpm2-tss CI job (#2076)
  > [EC] ec_nistp P-256 C scalar_mul_{base|public} (#2033)
  > No PR license statement check on a merge (#2074)
  > Migrate 1st batch of CI jobs to CodeBuild (#2067)
  > Ensure PQDSA test suite has length checks on input signatures and public keys (#2062)
  > Fix CI for aws-lc-rs (#2073)
  > Upstream merge 2024 12 13 (#2060)
  > Modified posix builds to enable dilithium by default (#2034)
  > Extend documentation for basic BN_foo functions (#2066)
  > Add PKCS7_print_ctx as a no-op (#2064)
  > Update BoringSSL benchmark to use C++17 (#2063)
  > Prune hanging instances longer than 2 hours (#2061)
  > Add fuzz testing for PKCS7_verify (#2051)
  > [EC] Use s2n-bignum's modular inversion for P-256/384/521 (#2057)
  > Fuzzing PKCS7 encrypted inputs (#2027)
  > Add integration script and CI for ruby 3.1 and 3.2 (#1563)
  > Bring in testing changes from upstream commit 5ee4e95 (#2048)
  > [EC] P-256/384/521 s2n-bignum scalar multiplication (#2036)
  > Use older image with gcc-13 for alpine linux ci (#2054)
  > Just use releasecheck with tcpdump ci (#2055)
  > Address fips hash using adrp instead of adr to increase reach (#2053)
  > Prepare release 1.41.1 (#2052)
  > s2n-bignum update 2024-12-10 (#2050)
  > Fix RSAZABI test and enable IFMA based RSA on Windows (#1869)
  > Upstream merge 2024 12 02 (#2030)
  > Update FIPS v3.0 draft security policy (#2047)
  > Switch ML-DSA to use AWS-LC SHA3 (#2001)
  > Added FIPS 204 documentation, cleanse intermediate values (#2017)
  > Link to NIST website (#2045)
  > Prevent accidental null dereference (#2046)
  > Deprecate recently added PKCS7 functions (#2039)
  > Allow build on Solaris (#2035)
  > Use SHA256 as default digest for OCSP signing (#2038)
  > Add blowfish names to EVP_CIPHER API (#2041)
  > Initialize arrays as arrays (#2042)
  > Add AWS-LC-FIPS v3.0 policy docs (#2043)
  > Implement PKCS7_verify, update PKCS7_sign (#1993)
  > Move PQDSA to FIPS module (#2032)
  > Only abort when RSA PWCT fail in FIPS (#2020)
  > Revert "Trim some redundant Arm feature detection files" (#1979)
  > Fix perl handling of paths w/ spaces (#2005)
  > Upstream merge 2024 11 18 (#2012)
  > Fix CI issues with ML-DSA (#2031)
  > strdup is not C99 (#2008)
  > Add ML-DSA-44 and ML-DSA-87 to PQDSA API (#2009)
  > Coverity fixes for P173127397 (#2014)
  > Fix strongSwan CI (#2028)
  > Ran minimise_corpora.sh (#2024)
  > Expose BN_set_flags as a no-op (#2021)
  > Fix segfault in PKCS7 test (#2025)
  > Update aws-lc-nginx.patch for nginx v1.27.3 (#2023)
  > Fix python 3.13 patch (#2026)
  > Allow constructed strings in BER parsing (#2015)
Submodule mountpoint-s3-crt-sys/crt/s2n-tls 493b771..2e79e7e:
  > refactor(bench): remove historical benchmarks (#4940)
  > fix: pem parsing detection of last cert errors (#4908)
  > docs: specify s2n_blob growable conditions (#4943)
  > chore(bindings): move tokio examples to dedicated folder (#4954)
  > chore: fix GHA for merge-queue (#4973)
  > chore(binding): release 0.3.8 (#4969)
  > (chore): Installs Nix in AL2023 Buildspec (#4934)
  > build(deps): bump the all-gha-updates group in /.github/workflows with 5 updates (#4961)
  > feat(s2n-tls-hyper): Add support for negotiating HTTP/2 (#4924)
  > tests: allow TLS1.2 with RSA-PSS certs in integ tests (#4949)
  > ci: update CRT test ubuntu version to ubuntu24 (#4964)
  > feat(bindings): enable application owned certs (#4937)
  > ci: batch dependabot updates (#4959)
  > ci(refactor): deprecate Omnibus (#4953)
  > build(deps): bump actions/cache from 2.1.4 to 4.1.2 in /.github/workflows (#4928)
  > build(deps): bump peaceiris/actions-gh-pages from 3 to 4 in /.github/workflows (#4921)
  > build(deps): bump cross-platform-actions/action from 0.23.0 to 0.26.0 in /.github/workflows (#4951)
  > build(deps): bump github/codeql-action from 2 to 3 in /.github/workflows (#4917)
  > ci: add change directory to third-party-src logic (#4950)
  > feat: TLS1.2 support for RSA-PSS certificates (#4927)
  > feat: feature probe S2N_LIBCRYPTO_SUPPORTS_ENGINE (#4878)
  > test(bindings): run unit tests under asan (#4948)
  > ci(refactor): remove ASAN from Omnibus and GeneralBatch (#4946)
  > ci(refactor): remove fuzz tests from Omnibus (#4945)
  > refactor: add a s2n_libcrypto_is_openssl() helper function (#4930)
  > fix(s2n-tls-hyper): Add proper IPv6 address formatting (#4938)
  > ci: add openssl-1.0.2-fips to fuzz test (#4942)
  > ci(refactor): remove Valgrind checks from omnibus and generalBatch (#4913)
  > fix(bindings): address clippy issues from 1.83 (#4941)
  > test: pin tests to explicit TLS 1.2/TLS 1.3 policy (#4926)
  > (chore): Fixes team-label github action (#4935)
  > chore: add new team member (#4939)
  > upgrade cmake version to 3.9 (#4933)
  > ci: add awslc-fips and openssl-1.0.2-fips to valgrind (#4912)
  > chore(bindings): feature gate network testsa and relax http status assertions (#4907)
  > chore: Ocsp timeout adjustment (#4866)
  > build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 in /.github/workflows (#4892)
  > test: expand s2n_record_read testing to both TLS1.3 and TLS1.2 (#4903)
  > test: pin optional client auth test to a TLS 1.2 policy (#4914)
  > feat: add alert mappings for certificate errors (#4919)
  > doc: document generating bindings with prebuilt libs2n (#4872)
  > ci: Move kTLS test out of GeneralBatch (#4904)
  > build(deps): bump actions/checkout from 3 to 4 in /.github/workflows (#4888)
  > test(s2n-tls-hyper): matching on s2n-tls error (#4906)
  > build(deps): bump nixbuild/nix-quick-install-action from 21 to 29 in /.github/workflows (#4890)
  > build(deps): bump JulienKode/team-labeler-action from 0.1.1 to 1.3 in /.github/workflows (#4889)
  > tests: pin tests to a numbered TLS1.2 policy (#4905)
  > test: remove load system certs functionality for s2n_default_tls13_config (#4897)
  > doc: add information about s2n-tls software architecture (#4868)
  > ci: grant dependabot status update permissions (#4898)
  > ci: fixes for cargo audit (#4895)
  > test(s2n-tls-hyper): Add localhost http tests (#4838)
  > test: add rust well-known-endpoint tests (#4884)
  > chore: bindings release 0.3.7 (#4894)
  > chore: add a cargo audit action (#4862)
  > ci: add open fds valgrind check (#4851)

Does this change impact existing behavior?

No.

Does this change need a changelog entry?

No.

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the Developer Certificate of Origin (DCO).

[passaro]

Can you also add a detailed changelog section to the description?

Look for example at the one in #1195:

<details>
  <summary>Full CRT changelog:</summary>
  
` ` `
Submodule mountpoint-s3-crt-sys/crt/aws-c-common be8ed873..fadfef49:
  > Support relative paths when prebuilding dependencies with CMake (#1174)
  > Switch CI to use roles (#1173)
Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 45894ed3..337155f6:
  > Support full object checksum (#468)
  > [meta request]: assign shutdown_callback inside critical region (#470)
  > Switch CI to use roles (#463)
` ` `
</details>

[passaro]

Looks good!