Fixes
- fix out-of-bounds read in jmespath negative-step slice by @uwezkhan in #2670
- Fix jmespath negative single index and negative-step slice bounds by @stephenberry in #2673
- reject conflicting content-length headers in try_parse_request by @uwezkhan in #2667
- bound get_view_json seek separator check against end of input by @uwezkhan in #2679
- drop header fields with CR or LF when serializing http messages by @uwezkhan in #2677
- bound cbor eigen matrix read to the matrix's storage by @uwezkhan in #2680
- guard char escape read against end of non-null-terminated input by @uwezkhan in #2681
- enforce rfc 6455 frame masking in process_frames by @uwezkhan in #2674
- bound async response body to content-length in http_client by @uwezkhan in #2684
Full Changelog: v7.8.3...v7.8.4