package/mpg123: security bump to version 1.32.8

Fixes the following security vulnerability:

CVE-2024-10573: An out-of-bounds write flaw was found in mpg123 when
handling crafted streams.  When decoding PCM, the libmpg123 may write past
the end of a heap-located buffer.  Consequently, heap corruption may happen,
and arbitrary code execution is not discarded.  The complexity required to
exploit this flaw is considered high as the payload must be validated by the
MPEG decoder and the PCM synth before execution.  Additionally, to
successfully execute the attack, the user must scan through the stream,
making web live stream content (such as web radios) a very unlikely attack
vector.

https://www.openwall.com/lists/oss-security/2024/10/30/2

Release notes:
https://sourceforge.net/p/mpg123/mailman/message/58834094/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Peter Korsgaard 5 months ago
parent
commit
35d2880e33
2 changed files with 4 additions and 4 deletions
  1. 3 3
      package/mpg123/mpg123.hash
  2. 1 1
      package/mpg123/mpg123.mk

+ 3 - 3
package/mpg123/mpg123.hash

@@ -1,6 +1,6 @@
-# From https://sourceforge.net/projects/mpg123/files/mpg123/1.32.6/
-sha1  886c8c5f100caccfb4fefabc1c75ff6e2a834128  mpg123-1.32.6.tar.bz2
+# From https://sourceforge.net/projects/mpg123/files/mpg123/1.32.8/
+sha1  dc4d8d9d7fdc9c6c85e3036734eb937272a97800  mpg123-1.32.8.tar.bz2
 # Locally calculated
-sha256  ccdd1d0abc31d73d8b435fc658c79049d0a905b30669b6a42a03ad169dc609e6  mpg123-1.32.6.tar.bz2
+sha256  feee1374c79540e0e405df0bc45fde20ad67011425c361a2759e2146894a27a7  mpg123-1.32.8.tar.bz2
 # License file
 sha256  c22482728a634a8dfdb4ff72a96d4c1ed64cd8f3e79335c401751ac591609366  COPYING
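
Review bot: The only upstream-sourced digest in this hunk is the sha1 line under the "# From https://sourceforge.net/projects/mpg123/files/mpg123/1.32.8/" comment; the new sha256 sits under "# Locally calculated", so it only pins whatever tarball was downloaded when the bump was prepared. For a security bump, please say how the 1.32.8 tarball was authenticated, for example by checking it against an upstream signature if one is published, and record that in a comment above the hashes. The unchanged COPYING hash is consistent with no change to the license text.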

+ 1 - 1
package/mpg123/mpg123.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MPG123_VERSION = 1.32.6
+MPG123_VERSION = 1.32.8
 MPG123_SOURCE = mpg123-$(MPG123_VERSION).tar.bz2
 MPG123_SITE = https://downloads.sourceforge.net/project/mpg123/mpg123/$(MPG123_VERSION)
 MPG123_INSTALL_STAGING = YES
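
Review bot: The MPG123_VERSION line moves from 1.32.6 straight to 1.32.8, skipping 1.32.7, while the commit message carries a single release-notes link. Please confirm that link covers the changes of both releases, or add the notes for the skipped one, so reviewers can see everything this bump pulls in besides the CVE-2024-10573 fix.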