
Commit a66fb47

convex-renovate-runner[bot] authored and Convex, Inc. committed
Update Rust crate ring to v0.17.12 [SECURITY] (#35080)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [ring](https://redirect.github.com/briansmith/ring) | workspace.dependencies | patch | `0.17.8` -> `0.17.12` |

### GitHub Vulnerability Alerts

#### [GHSA-4p46-pwfr-66x6](https://redirect.github.com/briansmith/ring/pull/2447)

`ring::aead::quic::HeaderProtectionKey::new_mask()` may panic when overflow checking is enabled. In the QUIC protocol, an attacker can induce this panic by sending a specially-crafted packet. Even unintentionally it is likely to occur in 1 out of every 2**32 packets sent and/or received.

On 64-bit targets operations using `ring::aead::{AES_128_GCM, AES_256_GCM}` may panic when overflow checking is enabled, when encrypting/decrypting approximately 68,719,476,700 bytes (about 64 gigabytes) of data in a single chunk. Protocols like TLS and SSH are not affected by this because those protocols break large amounts of data into small chunks. Similarly, most applications will not attempt to encrypt/decrypt 64GB of data in one chunk.

Overflow checking is not enabled in release mode by default, but `RUSTFLAGS="-C overflow-checks"` or `overflow-checks = true` in the Cargo.toml profile can override this. Overflow checking is usually enabled by default in debug mode.

---

### Release Notes

<details>
<summary>briansmith/ring (ring)</summary>

### [`v0.17.12`](https://redirect.github.com/briansmith/ring/blob/HEAD/RELEASES.md#Version-01712-2025-03-05)

Bug fix: [https://github.com/briansmith/ring/pull/2447](https://redirect.github.com/briansmith/ring/pull/2447) for denial of service (DoS).

- Fixes a panic in `ring::aead::quic::HeaderProtectionKey::new_mask()` when integer overflow checking is enabled. In the QUIC protocol, an attacker can induce this panic by sending a specially-crafted packet. Even unintentionally it is likely to occur in 1 out of every 2**32 packets sent and/or received.
- Fixes a panic on 64-bit targets in `ring::aead::{AES_128_GCM, AES_256_GCM}` when overflow checking is enabled, when encrypting/decrypting approximately 68,719,476,700 bytes (about 64 gigabytes) of data in a single chunk. Protocols like TLS and SSH are not affected by this because those protocols break large amounts of data into small chunks. Similarly, most applications will not attempt to encrypt/decrypt 64GB of data in one chunk. Overflow checking is not enabled in release mode by default, but `RUSTFLAGS="-C overflow-checks"` or `overflow-checks = true` in the Cargo.toml profile can override this. Overflow checking is usually enabled by default in debug mode.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

- [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate).

GitOrigin-RevId: 6cedad53326b1f672cb0585adc46e43a62cb3784
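As an added example (not part of the Renovate commit or of the ring project), a small Rust check that walks a Cargo.lock and reports any `ring` entry older than the fixed release 0.17.12 named in the advisory; the lockfile excerpt it scans is constructed, not the repository's real Cargo.lock.

```rust
// Added example: audit a Cargo.lock for `ring` versions predating the fix in 0.17.12.

/// First ring release containing the fix for the panics described in the advisory.
const FIXED_RING: (u64, u64, u64) = (0, 17, 12);

/// Parse "MAJOR.MINOR.PATCH" into a comparable tuple; None on malformed input.
fn parse_version(v: &str) -> Option<(u64, u64, u64)> {
    let mut it = v.trim().split('.').map(|p| p.parse::<u64>().ok());
    let (a, b, c) = (it.next()??, it.next()??, it.next()??);
    if it.next().is_some() { return None; } // reject extra components
    Some((a, b, c))
}

/// Extract the quoted value of a `key = "value"` lockfile line, if the line has that key.
fn quoted_value(line: &str, key: &str) -> Option<String> {
    let rest = line.strip_prefix(key)?.trim_start().strip_prefix('=')?.trim_start();
    rest.strip_prefix('"')?.split('"').next().map(str::to_string)
}

/// Walk the `[[package]]` blocks of a Cargo.lock and collect `ring` versions below FIXED_RING.
fn vulnerable_ring_versions(lockfile: &str) -> Vec<String> {
    let mut found = Vec::new();
    let (mut name, mut version): (Option<String>, Option<String>) = (None, None);
    // A synthetic trailing header flushes the last block in the file.
    for raw in lockfile.lines().chain(std::iter::once("[[package]]")) {
        let line = raw.trim();
        if line == "[[package]]" {
            if let (Some(n), Some(v)) = (name.take(), version.take()) {
                if n == "ring" && parse_version(&v).map_or(false, |t| t < FIXED_RING) {
                    found.push(v);
                }
            }
        } else if let Some(v) = quoted_value(line, "name") {
            name = Some(v);
        } else if let Some(v) = quoted_value(line, "version") {
            version = Some(v);
        }
    }
    found
}

// Constructed sample lockfile excerpt (not the repository's real Cargo.lock).
const SAMPLE_LOCK: &str = "version = 3\n\n[[package]]\nname = \"ring\"\nversion = \"0.17.8\"\nsource = \"registry+https://github.com/rust-lang/crates.io-index\"\n\n[[package]]\nname = \"rustls\"\nversion = \"0.23.0\"\ndependencies = [\n \"ring\",\n]\n";

fn main() {
    for v in vulnerable_ring_versions(SAMPLE_LOCK) {
        println!("ring {v} predates 0.17.12; update to pick up the DoS fix");
    }
}
```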
1 parent 421c70a commit a66fb47

File tree

1 file changed, +2 -9 lines changed


Cargo.lock (+2 -9)
