puppet-agent's packaged curl is vulnerable to CVE-2024-2004 and CVE-2024-2398

[cthorn42]

Curl recently announced a new released of their 8 series. Puppet-agent is still a bit behind on the 7.x version, and there were two security announcements that affect the 7.x version in the latest 8.x release.
Here are the following two issues:

• https://curl.se/docs/CVE-2024-2004.html (low severity)
• https://curl.se/docs/CVE-2024-2398.html (medium severity)

Assuming we aren't close to the 8.x curl migration, we should backport the patches for the above issues into our puppet-runtime for both branches.

[github-actions]

Migrated issue to PUP-12030

[joshcooper]

Fixed in #810