package/mbedtls: security bump to version 2.28.5

Fixes the following security issue:

CVE-2023-43615: Buffer overread in TLS stream cipher suites
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 26762e30090585e8c64333d3ffe4249e7a0b0f43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mbedtls/mbedtls.hash

@@ -1,4 +1,4 @@
 # From https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.4:
-sha256  578c4dcd15bbff3f5cd56aa07cd4f850fc733634e3d5947be4f7157d5bfd81ac  mbedtls-2.28.4.tar.gz
+sha256  849e86b626e42ded6bf67197b64aa771daa54e2a7e2868dc67e1e4711959e5e3  mbedtls-2.28.5.tar.gz
 # Locally calculated
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  LICENSE

package/mbedtls/mbedtls.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MBEDTLS_VERSION = 2.28.4
+MBEDTLS_VERSION = 2.28.5
 MBEDTLS_SITE = $(call github,ARMmbed,mbedtls,v$(MBEDTLS_VERSION))
 MBEDTLS_CONF_OPTS = \
 	-DCMAKE_C_FLAGS="$(TARGET_CFLAGS) -std=c99" \