Bump go toolchain version to address CVE-2023-45288

Changes:
- Bump release-3.6 toolchain version to 1.22.2 due to CVE-2023-45288
- Bump golang.org/x/net to v0.23.0
- Update CHANGELOG-3.4, CHANGELOG-3.5, and CHANGELOG-3.6
- Bump go version in rw-heatmaps (which was still at 1.21 where
everything else is at 1.22)

Reference:
- PR #17703

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>

.go-version

@@ -1 +1 @@
-1.22.1
+1.22.2

CHANGELOG/CHANGELOG-3.4.md

@@ -9,6 +9,9 @@ Previous change logs can be found at [CHANGELOG-3.3](https://github.com/etcd-io/
 ### Package `clientv3`
 - Add [requests retry when receiving ErrGPRCNotSupportedForLearner and endpoints > 1](https://github.com/etcd-io/etcd/pull/17692).
 
+### Dependencies
+- Compile binaries using [go 1.21.9](https://github.com/etcd-io/etcd/pull/17709).
+
 <hr>
 
 ## v3.4.31 (2024-03-21)

CHANGELOG/CHANGELOG-3.5.md

@@ -9,6 +9,9 @@ Previous change logs can be found at [CHANGELOG-3.4](https://github.com/etcd-io/
 ### Package `clientv3`
 - Add [requests retry when receiving ErrGPRCNotSupportedForLearner and endpoints > 1](https://github.com/etcd-io/etcd/pull/17641).
 
+### Dependencies
+- Compile binaries using [go 1.21.9](https://github.com/etcd-io/etcd/pull/17708).
+
 <hr>
 
 ## v3.5.13 (2024-03-29)

CHANGELOG/CHANGELOG-3.6.md

@@ -93,8 +93,8 @@ See [List of metrics](https://etcd.io/docs/latest/metrics/) for all metrics per
 - Add [`etcd_debugging_server_alarms`](https://github.com/etcd-io/etcd/pull/14276).
 
 ### Go
-- Require [Go 1.21+](https://github.com/etcd-io/etcd/pull/16594).
+- Require [Go 1.22+](https://github.com/etcd-io/etcd/pull/16594).
-- Compile with [Go 1.21+](https://go.dev/doc/devel/release#go1.21.minor). Please refer to [gc-guide](https://go.dev/doc/gc-guide) to configure `GOGC` and `GOMEMLIMIT` properly. 
+- Compile with [Go 1.22+](https://go.dev/doc/devel/release#go1.21.minor). Please refer to [gc-guide](https://go.dev/doc/gc-guide) to configure `GOGC` and `GOMEMLIMIT` properly. 
 
 ### Other
 

go.mod

@@ -2,7 +2,7 @@ module go.etcd.io/etcd/v3
 
 go 1.22
 
-toolchain go1.22.1
+toolchain go1.22.2
 
 replace (
 	go.etcd.io/etcd/api/v3 => ./api
@@ -88,7 +88,7 @@ require (
 	go.opentelemetry.io/proto/otlp v1.1.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.21.0 // indirect
-	golang.org/x/net v0.22.0 // indirect
+	golang.org/x/net v0.23.0 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 // indirect

go.sum

@@ -183,8 +183,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

tools/rw-heatmaps/go.mod

@@ -1,6 +1,6 @@
 module go.etcd.io/etcd/tools/rw-heatmaps/v3
 
-go 1.21
+go 1.22
 
 require (
 	github.com/spf13/cobra v1.8.0