Closed
Labels
bug (Bug in existing code)
Description
CVE-2023-3635 was reported as a vulnerability of okio which okhttp depends on. As far as I can see, there's no released version of okhttp which uses at least okio 3.4.0 which fixed the vulnerability.
Could you please update okhttp to use a version which includes the fix?
For further reference, see also:
- GHSA-w33c-445m-f8w7
- CVE-2023-3635 in com.squareup.okio:okio-jvm:3.0.0 okio#1310 implies that there are no breaking changes in the last versions.
Thank you,
Matthias.