Switch to Docker Hardened Images (DHI) for base images in `Dockerfile`

[benglewis]

We use Label Studio's official Docker images as a base (via FROM) and apply some modifications on top. However, we keep running into vulnerabilities when we scan these images.

I believe the root cause is that Label Studio's Docker image uses the standard python image from Docker Hub as its base. Switching to Docker Hardened Images (DHI) instead would likely resolve these vulnerabilities. DHI are now free and open source, released under the Apache 2.0 license.

I'd be happy to open a Pull Request to make this change, but there's one thing to be aware of: pulling DHI requires authentication with a Docker Hub account, so you would need to configure that on your end as well.