fix(deps): upgrade pingora 0.7→0.8 and aws-lc-sys to patch CVEs

- pingora* 0.7.0 → 0.8.0: fixes CVE-2026-2833 (HTTP request smuggling
  via premature connection closure, CRITICAL)
- aws-lc-sys 0.37.1 → 0.38.0: fixes GHSA-65p9-r9h6-22vj (timing
  side-channel in AES-CCM tag verification, HIGH)

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>

Cargo.toml

@@ -9,10 +9,10 @@ path = "src/lib.rs"
 
 [dependencies]
 # Pingora with rustls backend (pure Rust TLS, no BoringSSL C build)
-pingora       = { version = "0.7", features = ["rustls"] }
-pingora-proxy = { version = "0.7", features = ["rustls"] }
-pingora-core  = { version = "0.7", features = ["rustls"] }
-pingora-http  = "0.7"
+pingora       = { version = "0.8", features = ["rustls"] }
+pingora-proxy = { version = "0.8", features = ["rustls"] }
+pingora-core  = { version = "0.8", features = ["rustls"] }
+pingora-http  = "0.8"
 
 # HTTP header constants
 http = "1"