This update for git-bug fixes the following issues:

- Fix CVE-2026-1229 and CVE-2026-41506
  - CVE-2026-1229: CIRCL has an incorrect calculation in
    secp384r1 CombinedMult (boo#1265416, GO-2026-4550) update
    github.com/cloudflare/circl to v1.6.3
  - CVE-2026-41506: HTTP authentication credential leak when
    following redirects during smart-HTTP clone and fetch
    operations (boo#1264955, GO-2026-4910),
    update github.com/go-git/go-git/v5 to v5.17.1

- Revendor to include fixed version of depending libraries:
  - GO-2025-4116 (CVE-2025-47913, boo#1253506) upgrade
    golang.org/x/crypto to v0.43.0
  - GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade
    github.com/go-viper/mapstructure/v2 to v2.4.0
  - GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous
  - GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade
    github.com/cloudflare/circl to v1.6.1
  - GO-2025-4134 (CVE-2025-58181, boo#1253930) upgrade
    golang.org/x/crypto/ssh to v0.45.0
  - GO-2025-4135 (CVE-2025-47914, boo#1254084) upgrade
    golang.org/x/crypto/ssh/agent to v0.45.0