fix: update protobuf version for <= 3.12 (cve fix)

[hallvictoria]

Description

Updates protobuf, grpcio, and grpcio-tools versions for <= 3.12 to fix CVE-2026-0994.

Fixes #

---

Pull Request Checklist

Host-Worker Contract

• Does this PR impact the host-worker contract (e.g., gRPC messages, shared interfaces)?
  • If yes, have the changes been applied to:
    • azure_functions_worker (Python <= 3.12)
    • proxy_worker (Python >= 3.13)
  • If no, please explain why:

Worker Execution Logic

• Does this PR affect worker execution logic (e.g., function invocation, bindings, lifecycle)?
  If yes, please answer the following:

Python Version Coverage

• Does this change apply to both Python <=3.12 and 3.13+?
• If yes, have the changes been made to:
  • azure_functions_worker (Python <= 3.12)
  • runtimes/v1 / runtimes/v2 (Python >= 3.13)
• If no, please explain why:

Programming Model Compatibility (for Python 3.13+)

• Does this change apply to both:
  • V1 programming model (runtimes/v1)?
  • V2 programming model (runtimes/v2)?
• Explanation (if limited to one model):