Auto merge of #13412 - ehuss:update-git2, r=weihanglo

Update git2

This updates git2 primarily to pull in the update for libgit2 1.7.2 which fixes three security issues. `@weihanglo` did some investigation, and it looks like cargo may be susceptible to one of them with rev parsing. I am uncertain of the severity, but the CVE seems to imply that it is mainly a denial-of-service with an infinite loop from a well-crafted spec.

See https://github.com/libgit2/libgit2/releases/tag/v1.7.2 for more information.

Author: bors

Cargo.lock

@@ -44,7 +44,7 @@ curl = "0.4.44"
 curl-sys = "0.4.71"
 filetime = "0.2.23"
 flate2 = { version = "1.0.28", default-features = false, features = ["zlib"] }
-git2 = "0.18.1"
+git2 = "0.18.2"
 git2-curl = "0.19.0"
 gix = { version = "0.58.0", default-features = false, features = ["blocking-http-transport-curl", "progress-tree", "revision"] }
 gix-features-for-configuration-only = { version = "0.38.0", package = "gix-features", features = [ "parallel" ] }
@@ -62,7 +62,7 @@ itertools = "0.12.1"
 jobserver = "0.1.27"
 lazycell = "1.3.0"
 libc = "0.2.153"
-libgit2-sys = "0.16.1"
+libgit2-sys = "0.16.2"
 libloading = "0.8.1"
 memchr = "2.7.1"
 miow = "0.6.0"