MFH: r546350

Update from 1.0.7 to 1.0.9.

<Security note>

Please consider updating brotli to version 1.0.9 (latest).

Version 1.0.9 contains a fix to "integer overflow" problem. This
happens when "one-shot" decoding API is used (or input chunk for
streaming API is not limited), input size (chunk size) is larger
than 2GiB, and input contains uncompressed blocks. After the
overflow happens, memcpy is invoked with a gigantic num
value, that will likely cause the crash.

</Security note>

Approved by: ports-secteam (fluffy)