vendor: golang.org/x/crypto v0.52.0

changes:

- ssh: fix deadlock on unexpected channel responses (CVE-2026-39830)
- ssh: fix source-address critical option bypass (CVE-2026-46595)
- ssh: fix incorrect operator order (CVE-2026-46597)
- ssh: fix infinite loop on large channel writes due to integer overflow (CVE-2026-39834)
- ssh: enforce user presence verification for security keys (CVE-2026-39831)
- ssh: enforce strict limits on DSA key parameters (CVE-2026-39829)
- ssh: reject RSA keys with excessively large moduli (CVE-2026-39829)
- ssh: fix panic when authority callbacks are nil (CVE-2026-39835)
- ssh: fix deadlock on unexpected global responses (CVE-2026-39830)
- ssh: enforce nil Permissions when returning PartialSuccessError (CVE-2026-39828)
- ssh: prevent memory leak when rejecting channels (CVE-2026-3982)
- ssh/knownhosts: respect Revoked CA keys (CVE-2026-42508)
- ssh/agent: prevent panic on pathological ed25519 inputs (CVE-2026-46598)
- ssh/agent: reject keys with unsupported confirm constraint (CVE-2026-39833)
- ssh/agent: don't accept keys with unsupported constraints (CVE-2026-39832)
- ssh/agent: preserve constraint extensions when adding keys (CVE-2026-39832)

other changes:

- chacha20poly1305: remove usages of BYTE instr
- chacha20poly1305: drop pre-AVX assembly impl
- blake2b: merge go125.go into blake2b_test.go

security announce: https://groups.google.com/g/golang-announce/c/a082jnz-LvI
full diff: https://github.com/golang/crypto/compare/v0.51.0...v0.52.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>