chore(security): drop dead audit suppressions; patch OpenTelemetry + Tmds.DBus CVEs

All five suppressed advisories are now resolved at baseline/resolved versions,
so every NuGetAuditSuppress is removed repo-wide:
- System.Security.Cryptography.Xml (GHSA-37gx-xxp4-5rgx / GHSA-w3x6-4m5h-cxqf)
  -> fixed by the .NET 10 baseline (10.0.6)
- OPCFoundation Opc.Ua.Core (GHSA-h958-fxgg-g7w3) -> fixed at resolved 1.5.378.106

Two were still live and are now patched via direct security pins:
- OpenTelemetry.Api 1.9.0 -> 1.15.3 (GHSA-g94r-2vxg-569j) pinned in Cluster;
  Runtime/ControlPlane/AdminUI + tests inherit via project reference
- Tmds.DBus.Protocol 0.20.0 -> 0.21.3 (GHSA-xrw6-gwf8-vvr9) pinned in Client.UI

Also correct the Historian sidecar runtime comments (x86 -> x64, matching the
csproj PlatformTarget). Solution audit: 0 vulnerable packages; full build clean.

src/Client/ZB.MOM.WW.OtOpcUa.Client.UI/ZB.MOM.WW.OtOpcUa.Client.UI.csproj

@@ -22,6 +22,12 @@
         <PackageReference Include="Serilog.Sinks.File"/>
     </ItemGroup>
 
+    <ItemGroup>
+        <!-- Security pin: Avalonia.X11 pulls Tmds.DBus.Protocol 0.20.0 transitively, which carries
+             GHSA-xrw6-gwf8-vvr9 (High). Force the patched 0.21.3 (Client.UI.Tests inherits it). -->
+        <PackageReference Include="Tmds.DBus.Protocol"/>
+    </ItemGroup>
+
     <ItemGroup>
         <ProjectReference Include="..\ZB.MOM.WW.OtOpcUa.Client.Shared\ZB.MOM.WW.OtOpcUa.Client.Shared.csproj"/>
     </ItemGroup>
@@ -35,11 +41,4 @@
         <EmbeddedResource Include="Assets\app-icon.svg" />
     </ItemGroup>
 
-    <ItemGroup>
-        <!-- Tmds.DBus.Protocol 0.20.0 reaches this project transitively from Avalonia.Desktop on
-             Linux/macOS only. We do not ship Linux/macOS builds of the Client.UI to end users;
-             this advisory affects dev-tooling code paths only. -->
-        <NuGetAuditSuppress Include="https://github.com/advisories/GHSA-xrw6-gwf8-vvr9"/>
-    </ItemGroup>
-
 </Project>