open-consul/.changelog/18186.txt

```release-note:security
Upgrade golang.org/x/net to address [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406)
```
Backport of [NET-4865] Bump golang.org/x/net to 0.12.0 into release/1.16.x (#18189) Bump golang.org/x/net to 0.12.0 While not necessary to directly address CVE-2023-29406 (which should be handled by using a patched version of Go when building), an accompanying change to HTTP/2 error handling does impact agent code. See https://go-review.googlesource.com/c/net/+/506995 for the HTTP/2 change. Bump this dependency across our submodules as well for the sake of potential indirect consumers of `x/net/http`. Manual backport of 84cbf09185ebfc59f9fcf486d1c4983ef129bf95. 2023-07-19 16:22:18 +00:00			```release-note:security
			`Upgrade golang.org/x/net to address [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406)`
			```