bitcoinjs / tiny-secp256k1

A tiny secp256k1 native/JS wrapper
MIT License
90 stars 55 forks

Update elliptic to ^6.5.4, npm advisory 1648 #54

Closed pxwise closed 3 years ago

pxwise commented 3 years ago

New audit vulnerability seen in bitcoinjs-lib - https://www.npmjs.com/advisories/1648. Requires an update of elliptic to >=6.5.4.

junderw commented 3 years ago

We will update it.

Just FYI, bitcoinjs-lib does not use the affected code portion. (ECDH)

junderw commented 3 years ago

Also FYI, anyone who installs a fresh copy will automatically be updated.

$ cd $(mktemp -d)
$ npm init -y
Wrote to /tmp/tmp.Xs0z0NFYij/package.json:

{
  "name": "tmp.Xs0z0NFYij",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "keywords": [],
  "author": "",
  "license": "ISC"
}

$ npm install tiny-secp256k1

...

+ tiny-secp256k1@1.1.6
added 23 packages from 13 contributors and audited 23 packages in 3.805s

1 package is looking for funding
  run `npm fund` for details

found 0 vulnerabilities

$ cat package-lock.json | jq -r .dependencies.elliptic.version
6.5.4