zot logs secrets
When using Keycloak as an OIDC provider, the clientsecret gets printed into the container stdout logs, for example at container startup.
This advisory duplicates another.
The group data stored for users in the BoltDB database (meta.db) is an append-list, so group revocations/removals are ignored in the API.
Cache driver GetBlob() allows read access to any blob without access control check