
package/libkrb5: security bump to 1.21.2

Fixes the following security issues:

- CVE-2023-36054: lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5)
  before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer

- CVE-2023-39975: kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before
  1.21.2 has a double free that is reachable if an authenticated user can
  trigger an authorization-data handling failure

Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dd1ea28b07e9b50facbee4aee0254631b9b4fe14)
[Peter: mark as security bump, add CVE details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
André Zwing, 1 year ago
Parent
Current commit
fb1b33c040
2 files changed, 4 insertions and 3 deletions
  1. +1 -1  package/libkrb5/libkrb5.hash
  2. +3 -2  package/libkrb5/libkrb5.mk

+ 1 - 1
package/libkrb5/libkrb5.hash

@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256  69f8aaff85484832df67a4bbacd99b9259bd95aab8c651fbbe65cdc9620ea93b  krb5-1.21.tar.gz
+sha256  9560941a9d843c0243a71b17a7ac6fe31c7cebb5bce3983db79e52ae7e850491  krb5-1.21.2.tar.gz
 
 # Hash for license file:
 sha256  0d5373486138cb176c063db98274b4c4ab6ef3518c4191360736384b780306c2  NOTICE
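Review bot: the comment kept at the top of this hunk says the sha256 was "Locally calculated after checking pgp signature", but neither the hash file nor the commit message records which key fingerprint the krb5-1.21.2.tar.gz signature was checked against, so a later reviewer cannot reproduce the verification; add the fingerprint (or the URL of the detached .asc signature that was used) to the commit message. The NOTICE hash is left at 0d5373486138... across the 1.21 to 1.21.2 bump, which is only correct if that file is byte-identical in the new tarball; please confirm, since a changed license text would otherwise only surface when the hash is checked during legal-info collection.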

+ 3 - 2
package/libkrb5/libkrb5.mk

@@ -4,8 +4,9 @@
 #
 ################################################################################
 
-LIBKRB5_VERSION = 1.21
-LIBKRB5_SITE = https://web.mit.edu/kerberos/dist/krb5/$(LIBKRB5_VERSION)
+LIBKRB5_VERSION_MAJOR = 1.21
+LIBKRB5_VERSION = $(LIBKRB5_VERSION_MAJOR).2
+LIBKRB5_SITE = https://web.mit.edu/kerberos/dist/krb5/$(LIBKRB5_VERSION_MAJOR)
 LIBKRB5_SOURCE = krb5-$(LIBKRB5_VERSION).tar.gz
 LIBKRB5_SUBDIR = src
 LIBKRB5_LICENSE = MIT, BSD-2-Clause, BSD-3-Clause, BSD-4-Clause, others
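Review bot: LIBKRB5_VERSION_MAJOR on the `+LIBKRB5_VERSION_MAJOR = 1.21` line holds the x.y release series rather than a major version, and it is only split out because LIBKRB5_SITE is keyed on that series directory; a one-line comment above it saying so would stop a future bump to 1.22 from updating LIBKRB5_VERSION alone and leaving LIBKRB5_SITE pointing at the 1.21 directory, which would fail the download rather than fetch a wrong tarball (the sha256 in libkrb5.hash would also catch a mismatch), but is still an easy mistake with this layout. The rest of the hunk is consistent: LIBKRB5_SOURCE still derives from the full LIBKRB5_VERSION, so the file name krb5-1.21.2.tar.gz matches the new hash entry.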