update to libjpeg-turbo-2.0.5, including a fix for CVE-2020-13790 in

the PPM reader that caused a buffer overrun in cjpeg, TJBench, or the
tjLoadImage() function if one of the values in a binary PPM/PGM input
file exceeded the maximum value defined in the file's header and that
maximum value was less than 255.

From Brad.

graphics/jpeg/Makefile

@@ -1,11 +1,10 @@
-# $OpenBSD: Makefile,v 1.67 2020/02/05 17:31:09 thfr Exp $
+# $OpenBSD: Makefile,v 1.68 2020/06/28 10:55:33 sthen Exp $
 
 COMMENT=	SIMD-accelerated JPEG codec replacement of libjpeg
 
-V=		2.0.4
+V=		2.0.5
 DISTNAME=	libjpeg-turbo-${V}
 PKGNAME=	jpeg-${V}
-REVISION=	0
 EPOCH=		0
 
 SHARED_LIBS+=	jpeg		70.0	# 64.0

graphics/jpeg/distinfo

@@ -1,2 +1,2 @@
-SHA256 (libjpeg-turbo-2.0.4.tar.gz) = M92FR+/VVDY56JDvvy71LVoh34H69Bu5QGV6+RaiNAY=
-SIZE (libjpeg-turbo-2.0.4.tar.gz) = 2161812
+SHA256 (libjpeg-turbo-2.0.5.tar.gz) = Fvj28nFbOjirViqENXx5PdVq6Ymc4TBWPHLNk9g1e10=
+SIZE (libjpeg-turbo-2.0.5.tar.gz) = 2162983

graphics/jpeg/patches/patch-CMakeLists_txt

@@ -1,11 +1,11 @@
-$OpenBSD: patch-CMakeLists_txt,v 1.2 2018/11/13 14:30:43 sthen Exp $
+$OpenBSD: patch-CMakeLists_txt,v 1.3 2020/06/28 10:55:33 sthen Exp $
 
 Symbol versioning triggers weird linking problems in dependent ports.
 
 Index: CMakeLists.txt
 --- CMakeLists.txt.orig
 +++ CMakeLists.txt
-@@ -453,10 +453,6 @@ message(STATUS "INLINE = ${INLINE} (FORCE_INLINE = ${F
+@@ -468,10 +468,6 @@ endif()
  
  if(UNIX AND NOT APPLE)
    file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/conftest.map "VERS_1 { global: *; };")