Bump FdwVersion to 2.2.3 (FDW v2.2.3 security release)

[kaidaguerre]

Summary

Points the embedded Steampipe FDW at the newly published steampipe-postgres-fdw v2.2.3 security release. FDW v2.2.3 is now fully published — GitHub release plus the OCI image ghcr.io/turbot/steampipe/fdw:2.2.3 is live — so Steampipe must consume the patched image.

This is a one-line constant change in pkg/constants/db.go (FdwVersion 2.2.2 → 2.2.3). FdwImageRef is derived from FdwVersion, so the embedded FDW image ref automatically resolves to ghcr.io/turbot/steampipe/fdw:2.2.3.

Why

FDW v2.2.3 carries the jackc/pgx/v5 v5.9.2 fix for CVE-2026-41889. Steampipe's own pgx / go-jose / otel remediations for v2.4.3 already merged via #4995 (which also added the ## v2.4.3 [2026-05-19] CHANGELOG entry). Pointing at the patched FDW image is the last remaining prerequisite before cutting the Steampipe v2.4.3 release.

Changes

• pkg/constants/db.go: FdwVersion = "2.2.2" → FdwVersion = "2.2.3" (only this constant; FdwImageRef untouched, derives automatically).
• CHANGELOG.md: appended one bullet to the existing ## v2.4.3 [2026-05-19] Dependencies section (no new entry created).

Verification

• GOTOOLCHAIN=auto go build ./... — clean (exit 0).

PR only. No merge, no tag, no release.