libwebp: cherry-pick suspected upstream fix for CVE-2023-4863

This CVE is critical severity and has been exploited in the wild. It was
reported as being a Chromium vulnerability, but it seems to in fact
impact libwebp (and thus all its downstream users). There is however no
official confirmation of this yet.

The upstream fix patch (webmproject/libwebp@902bc919) does not cleanly
apply onto 1.3.1, so we vendor a very slightly modified version which
does cleanly apply. This is my original work, so YMMV on whether you
trust it or not, reviews very much welcomed :-)

0 files changed, 0 insertions, 0 deletions