package/libarchive: security bump to version 3.5.3

Libarchive 3.5.3 is a security release

Security Fixes:
 - extended fix for following symlinks when processing the fixup list
   (CVE-2021-31566)
 - fix invalid memory access and out of bounds read in RAR5 reader
   (CVE-2021-36976)

https://github.com/libarchive/libarchive/releases/tag/v3.5.3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 99d3d6afe7a5df12552d0d305743f64abdd155c4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libarchive/libarchive.hash

@@ -1,4 +1,4 @@
 # From https://www.libarchive.de/downloads/sha256sums
-sha256  f0b19ff39c3c9a5898a219497ababbadab99d8178acc980155c7e1271089b5a0  libarchive-3.5.2.tar.xz
+sha256  5cac725dd4be31c4a10b65d30f29dc957ea29ef3d758df6e46e8ae90a996a19a  libarchive-3.5.3.tar.xz
 # Locally computed:
 sha256  b2cdf763345de2de34cebf54394df3c61a105c3b71288603c251f2fa638200ba  COPYING

package/libarchive/libarchive.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBARCHIVE_VERSION = 3.5.2
+LIBARCHIVE_VERSION = 3.5.3
 LIBARCHIVE_SOURCE = libarchive-$(LIBARCHIVE_VERSION).tar.xz
 LIBARCHIVE_SITE = https://www.libarchive.de/downloads
 LIBARCHIVE_INSTALL_STAGING = YES