docling: Fixed XXE, decompression bomb, and unbounded archive extraction in METS-GBS backend
Fixed XXE, decompression bomb, and unbounded archive extraction vulnerabilities in METS-GBS backend.
What changed
This release fixes XXE, decompression bomb, and unbounded archive extraction vulnerabilities in the METS-GBS backend. XML is now parsed with a hardened configuration: entity resolution disabled, DTD loading disabled, and network access disabled. Archive extraction is bounded by configurable limits: 300 MB total extracted size, 10 MB per file, and at most 1000 members; extracted bytes are tracked cumulatively and extraction stops as soon as a limit is exceeded. Format detection is likewise bounded (maximum file size 10 MB, at most 1000 members) and handles malformed input with explicit exception handling.
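As an added illustration, not docling's own code, the following stdlib-only Python shows the two mitigation classes the advisory describes: XML parsing that refuses DTDs, entity declarations and external entity references (the stdlib equivalent of "entity resolution, DTD loading and network access disabled"), and archive extraction bounded by per-member, cumulative and member-count limits with early termination, plus a bounded format sniff that maps archive errors to a plain "not our format" result. The limit values are the advisory's; the ZIP container, every function and constant name, and the sample archive are assumptions constructed for this example, and how docling implements these checks is not shown on this page.

```python
"""Added illustration of the mitigations described in the advisory; not docling's code.
The ZIP container, all names and the sample data are assumptions for this example."""
import io
import zipfile
import xml.parsers.expat
from xml.etree import ElementTree as ET

# Limits from the advisory, used here as assumed defaults (docling's option names are not shown).
MAX_TOTAL_BYTES = 300 * 1024 * 1024   # cumulative decompressed output
MAX_MEMBER_BYTES = 10 * 1024 * 1024   # any single member
MAX_MEMBERS = 1000                    # member count
CHUNK = 64 * 1024


class ArchiveLimitError(ValueError):
    """Raised the moment an extraction limit is exceeded (early termination)."""


def looks_like_mets_archive(data: bytes, *, max_size=MAX_MEMBER_BYTES, max_members=MAX_MEMBERS) -> bool:
    """Bounded format sniff: size cap before the archive is opened, member cap, and every
    archive error mapped to 'not our format' instead of propagating to the caller."""
    if len(data) > max_size:
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            return len(names) <= max_members and any(n.lower().endswith(".xml") for n in names)
    except (zipfile.BadZipFile, OSError, ValueError):
        return False


def extract_bounded(data: bytes, *, max_total=MAX_TOTAL_BYTES, max_member=MAX_MEMBER_BYTES,
                    max_members=MAX_MEMBERS) -> dict:
    """Return {member name: bytes}; stop and raise as soon as any limit is exceeded."""
    out, total = {}, 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = [i for i in zf.infolist() if not i.is_dir()]
        if len(infos) > max_members:
            raise ArchiveLimitError(f"{len(infos)} members > {max_members}")
        for info in infos:
            # Declared sizes are attacker-controlled: use them only as a cheap early reject.
            if info.file_size > max_member or total + info.file_size > max_total:
                raise ArchiveLimitError(f"{info.filename}: declared size exceeds limit")
            buf = bytearray()
            with zf.open(info) as fh:
                for chunk in iter(lambda: fh.read(CHUNK), b""):
                    buf.extend(chunk)
                    total += len(chunk)
                    # Count bytes as they actually come out of the decompressor, so the caps
                    # hold whatever the header claimed (gzip-style streams carry no size at all).
                    if len(buf) > max_member or total > max_total:
                        raise ArchiveLimitError(f"{info.filename}: decompressed output exceeds limit")
            out[info.filename] = bytes(buf)
    return out


def parse_xml_strict(data: bytes) -> ET.Element:
    """Parse XML while refusing any DOCTYPE, entity declaration or external entity reference.
    A first pass with a raw expat parser enforces the policy (its handlers raise); only
    input that survives it is handed to ElementTree."""
    def forbid(*_):
        raise ValueError("DOCTYPE, entity declarations and external entities are not allowed")
    p = xml.parsers.expat.ParserCreate()
    p.StartDoctypeDeclHandler = forbid      # no DTD at all, internal subset included
    p.EntityDeclHandler = forbid            # no entity definitions (blocks expansion bombs)
    p.ExternalEntityRefHandler = forbid     # no external entity fetches (blocks XXE)
    p.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)
    p.Parse(data, True)
    return ET.fromstring(data)


# Constructed sample descriptors: one plain METS root, one carrying a DTD.
SAFE_XML = b'<?xml version="1.0"?><mets xmlns="http://www.loc.gov/METS/"><metsHdr/></mets>'
DTD_XML = b'<?xml version="1.0"?><!DOCTYPE mets [<!ENTITY lol "lol">]><mets>&lol;</mets>'


def build_sample_archive(*, xml_body: bytes, padding: int = 0, extra_members: int = 0) -> bytes:
    """Constructed sample data: a ZIP with one METS-like descriptor plus optional filler."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample/mets.xml", xml_body)
        if padding:  # highly compressible member, the shape a decompression bomb takes
            zf.writestr("sample/filler.bin", b"\0" * padding)
        for i in range(extra_members):
            zf.writestr(f"sample/page_{i:04d}.txt", b"x")
    return buf.getvalue()


def process_archive(data: bytes, **limits) -> ET.Element:
    """Sniff, extract within limits, then parse the descriptor strictly."""
    if not looks_like_mets_archive(data):
        raise ValueError("not a METS-GBS style archive")
    members = extract_bounded(data, **limits)
    descriptor = next(b for n, b in members.items() if n.lower().endswith("mets.xml"))
    return parse_xml_strict(descriptor)


def rejects(data: bytes, **limits):
    """Name of the exception the pipeline raises for `data`, or None if it is accepted."""
    try:
        process_archive(data, **limits)
    except (ValueError, zipfile.BadZipFile, ET.ParseError, xml.parsers.expat.ExpatError) as e:
        return type(e).__name__
    return None
```

The checks are ordered cheapest first: the raw size and member count are tested before any decompression, declared sizes give an early reject, and the running byte count is the check that actually enforces the cap, because declared sizes are part of the untrusted input.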
Who it affects
Users processing METS-GBS archives with docling versions prior to 2.91.0.
What to do today
Upgrade to version 2.91.0 or later. If upgrading is not possible, avoid processing METS-GBS archives from untrusted sources, and pre-validate any you must process in an isolated environment.