SECURITY: Improve validation of SNS subscription confirm (PR #14671)

An upstream validation bug in the aws-sdk-sns library could enable RCE under certain circumstances. This commit updates the upstream gem, and adds additional validation to provide defense-in-depth.


This pull request has been mentioned on Discourse Meta. There might be relevant details there:

Probably should’ve mentioned this to @Bitnami before publishing, they have 5m pulls