tools/expat: update to 2.5.0

Fixes CVE-2022-43680 CVE-2022-40674.
Switch to .xz archive to be closer to master.

Changes: https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>

tools/expat/Makefile

@@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=expat
 PKG_CPE_ID:=cpe:/a:libexpat:expat
-PKG_VERSION:=2.4.7
+PKG_VERSION:=2.5.0
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=e149bdd8b90254c62b3d195da53a09bd531a4d63a963b0d8a5268d48dd2f6a65
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_HASH:=ef2420f0232c087801abf705e89ae65f6257df6b7931d37846a193ef2e8cdcbe
 PKG_SOURCE_URL:=https://github.com/libexpat/libexpat/releases/download/R_$(subst .,_,$(PKG_VERSION))
 
 include $(INCLUDE_DIR)/host-build.mk