www/caddy: Update to 2.11.2
Changes:
Caddy 2.11.2 contains numerous bug fixes and enhancements! I know
that's a lame summary but it's really all over the place.
Highlights:
- Reverse proxy got a lot of love with certain edge cases related to PROXY protocol, health check port, and closing body on retries. Dynamic upstreams are now tracked which enables passive health checking.
- Performance improvements for metrics.
- New tls_resolvers global option to control DNS resolvers for all sites when using the ACME DNS challenge.
- Log rolling now supports zstd compression; deprecated roll_gzip, which will be removed in the future. Use roll_compression instead.
- Refined logging and some error messages.
- Fixed a bug in the rewrite handler that could cause some URIs to not be rewritten when the URI path is an escaped form of the target path. Thanks to @MaherAzzouzi for the report.
Security fixes:
This release fixes two CVEs.
- @NucleiAv reported a bug in the forward_auth directive that could permit identity injection and potential privilege escalation. (HIGH, GHSA-7r4p-vjf4-qxv4)
- @sammiee5311 reported that vars_regexp double-expanded placeholders, allowing some unusual configs to reveal secrets. (MODERATE, GHSA-m2w3-8f23-hxxf)
In addition:
- Our documentation has been updated to note that file system case sensitivity may affect the behavior of the hide option of the file_server handler.
Thank you to everyone who contributed, and for our ongoing
sponsorships that make this development possible!
Security: https://github.com/caddyserver/caddy/security/advisories/GHSA-7r4p-vjf4-gxv4
https://github.com/caddyserver/caddy/security/advisories/GHSA-m2w3-8f23-hxxf