v7.4.12

Changelog (v7.4.11...v7.4.12)

• security #cve-2026-45069 Add missing claims in OidcTokenHandler (@alexandre-daubois)
• security #cve-2026-45063 Anchor emailAddress regex to RDN boundary in X509Authenticator (@alexandre-daubois)
• security #cve-2026-45074 Require configuring trusted hosts when using CAS authentication (@nicolas-grekas)
• security #cve-2026-45075 Fix HEAD requests bypassing methods filter in IsGranted, IsCsrfTokenValid and IsSignatureValid attributes (@nicolas-grekas)
• bug #64213 Fix impersonation being deauthenticated on every request (@nicolas-grekas)