package/libjxl: security bump to version 0.9.4

Fixes:
https://www.cve.org/cverecord?id=CVE-2024-11403
https://www.cve.org/cverecord?id=CVE-2024-11498

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libjxl/libjxl.hash

@@ -1,4 +1,4 @@
 # Locally computed:
-sha256  d83bbe188d8fa9725bb75109c922c37fcff8c3b802808f3a6c2c14aaf8337d9f  libjxl-0.9.0.tar.gz
+sha256  ac9f034bf80516f072450edfb31d93c156e7136791df0d0ce14c5d0d3990fe64  libjxl-0.9.4.tar.gz
 sha256  8405932022a556380c2d8c272eff154a923feb197233f348ce5f7334fb0a5ede  LICENSE
 sha256  91915f8ae056a68a3c5bdf05d9f6f78bb6903e27a8ca3a8434c9e4ac87300575  PATENTS

package/libjxl/libjxl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBJXL_VERSION = 0.9.0
+LIBJXL_VERSION = 0.9.4
 LIBJXL_SITE = $(call github,libjxl,libjxl,v$(LIBJXL_VERSION))
 LIBJXL_LICENSE = BSD-3-Clause
 LIBJXL_LICENSE_FILES = LICENSE PATENTS