devel/sonarqube-community: update to 9.2.3

This is a feel-good release for the log4j vulnerabilities.

Log4j is bundled in the included elasticsearch only. Elasticsearch
states, that for JDK9+ (the FreeBSD port uses 11+) is not susceptible
to either remote code execution or information leakage due to the
useage of the Java Security Manager.
The updated Elasticsearch in sonarqube has certain components of
log4j removed "out of an abundance of caution".

Reference: https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476