Bump rustls-webpki to patched version in lock files

RUSTSEC-2026-0104 reports a reachable DoS panic in `rustls-webpki`
versions prior to `0.103.13` when parsing a CRL whose
`IssuingDistributionPoint.onlySomeReasons` extension contains a
syntactically valid empty `BIT STRING`. Bumping the pinned version in
both checked-in lock files to `0.103.13` addresses the advisory.

Co-Authored-By: HAL 9000
Signed-off-by: Elias Rohrer <dev@tnull.de>

Author: tnull

Cargo-minimal.lock

@@ -947,9 +947,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-webpki"
-version = "0.103.12"
+version = "0.103.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8279bb85272c9f10811ae6a6c547ff594d6a7f3c6c6b02ee9726d1d0dcfcdd06"
+checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e"
 dependencies = [
  "ring",
  "rustls-pki-types",

Cargo-recent.lock

@@ -947,9 +947,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-webpki"
-version = "0.103.12"
+version = "0.103.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8279bb85272c9f10811ae6a6c547ff594d6a7f3c6c6b02ee9726d1d0dcfcdd06"
+checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e"
 dependencies = [
  "ring",
  "rustls-pki-types",

bitreq/Cargo.toml

@@ -24,7 +24,7 @@ base64 = { version = "0.22", default-features = false, features = ["alloc"], opt
 rustls = { version = "0.23.38", default-features = false, features = ["ring", "std", "tls12"], optional = true }
 rustls-native-certs = { version = "0.8.3", default-features = false, optional = true }
 webpki-roots = { version = "1.0.7", default-features = false, optional = true }
-rustls-webpki = { version = "0.103.12", default-features = false, optional = true }
+rustls-webpki = { version = "0.103.13", default-features = false, optional = true }
 
 # For native-tls-based TLS:
 native-tls = { version = "0.2", default-features = false, optional = true }