Backport of [NET-5146] security: Update Go version to 1.20.7 and x/net to 0.13.0 into release/1.15.x

[hc-github-team-consul-core]

Backport

This PR is auto-generated from #18358 to be assessed for backporting due to the inclusion of the label backport/1.15.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@zalimeni
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/consul/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

---

Go upgrade resolves CVE-2023-29409(crypto/tls).

x/net upgrade resolves CVE-2023-3978 for dependency scanners (non-impacting).

Description

Resolves CVEs and brings us up to the latest version of Go and x/net.

Possible follow up to merge the prior Go 1.20.6 and x/net bump changelog entries for simplicity, but leaving for now to focus on getting the fix out in time for the next patch release.

Testing & Reproduction steps

Tests should continue to pass.

Links

• https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI
• Go: https://go-review.googlesource.com/c/go/+/514900
• x/net: https://go-review.googlesource.com/c/net/+/514896

PR Checklist

• updated test coverage
• external facing docs updated
• appropriate backport labels added
• not a security concern

---

Overview of commits

• 9e249f9 - b85a43e

[github-team-consul-core-pr-approver]

Auto approved Consul Bot automated PR