package/openjpeg: security bump to version 2.5.2

Fixes the following security issues:

CVE-2021-3575: A heap-based buffer overflow was found in openjpeg in
color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file.  An
attacker could use this to execute arbitrary code with the permissions of
the application compiled against openjpeg.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ff36bc68cdba30f2a76da2b9f2047aa9a514e07e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openjpeg/openjpeg.hash

@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  0333806d6adecc6f7a91243b2b839ff4d2053823634d4f6ed7a59bc87409122a  openjpeg-2.5.0.tar.gz
+sha256  90e3896fed910c376aaf79cdd98bdfdaf98c6472efd8e1debf0a854938cbda6a  openjpeg-2.5.2.tar.gz
 sha256  a6af136f3e15038a666b61f376612a07d9a4e48cb7c01adbf3e33b3f14ab49b6  LICENSE

package/openjpeg/openjpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENJPEG_VERSION = 2.5.0
+OPENJPEG_VERSION = 2.5.2
 OPENJPEG_SITE = $(call github,uclouvain,openjpeg,v$(OPENJPEG_VERSION))
 OPENJPEG_LICENSE = BSD-2-Clause
 OPENJPEG_LICENSE_FILES = LICENSE