package/botan: security bump to version 1.10.16

Fixes CVE-2017-2801: A programming error exists in a way Randombit Botan
cryptographic library version 2.0.1 implements x500 string comparisons which
could lead to certificate verification issues and abuse.  A specially
crafted X509 certificate would need to be delivered to the client or server
application in order to trigger this vulnerability.

[Peter: extend commit message with security fixes info]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 033aa8d4e9ad13ee56dbb372ad45a7d83bca4f53)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls 8 years ago
Parent
Current commit
8a673badcb
2 files changed, with 2 insertions and 2 deletions
  1. 1 1
      package/botan/botan.hash
  2. 1 1
      package/botan/botan.mk

+ 1 - 1
package/botan/botan.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	23ec973d4b4a4fe04f490d409e08ac5638afe3aa09acd7f520daaff38ba19b90  Botan-1.10.13.tgz
+sha256 6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52  Botan-1.10.16.tgz
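
Review bot: The unchanged comment on the first line still says "Locally calculated after checking pgp signature", but nothing in this hunk shows that the signature was re-verified for Botan-1.10.16.tgz; please confirm it was checked against the new tarball and not carried over from 1.10.13. The added sha256 line also changes the separator after `sha256` from a tab to a single space, so keep whichever form the other .hash files in the tree use to avoid whitespace-only churn in later bumps.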

+ 1 - 1
package/botan/botan.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BOTAN_VERSION = 1.10.13
+BOTAN_VERSION = 1.10.16
 BOTAN_SOURCE = Botan-$(BOTAN_VERSION).tgz
 BOTAN_SITE = http://botan.randombit.net/releases
 BOTAN_LICENSE = BSD-2c
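
Review bot: The BOTAN_VERSION line moves from 1.10.13 to 1.10.16, while the commit message describes CVE-2017-2801 against Botan 2.0.1; the message should say explicitly that the 1.10 branch is affected and that 1.10.16 carries the fix, and note that the bump skips over 1.10.14 and 1.10.15, whose changes come along with it. Separately, the unchanged BOTAN_SITE context line fetches over plain http://, so the integrity of the download rests entirely on the sha256 entry in botan.hash; moving to https, if upstream serves it, would be a reasonable follow-up.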