package/libarchive: security bump version to 3.8.4

https://github.com/libarchive/libarchive/releases/tag/v3.8.3
"Libarchive 3.8.3 is a bugfix and security release."
https://github.com/libarchive/libarchive/releases/tag/v3.8.4

Switch to sha256 tarball hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien:
 - add missing '#' in hash file to fix check-package error
 - add back the comment with the pgp signature
]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 68b83f9a805908e37fa6cf01e57752eb8ae2bc59)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>

package/libarchive/libarchive.hash

@@ -1,5 +1,6 @@
-# Locally computed after verifying the signature from
-# https://www.libarchive.de/downloads/libarchive-3.8.2.tar.xz.asc
-sha256  db0dee91561cbd957689036a3a71281efefd131d35d1d98ebbc32720e4da58e2  libarchive-3.8.2.tar.xz
+# From https://github.com/libarchive/libarchive/releases/tag/v3.8.4
+# After verifying the pgp signature from:
+# https://www.libarchive.de/downloads/libarchive-3.8.4.tar.xz.asc
+sha256  c7b847b57feacf5e182f4d14dd6cae545ac6843d55cb725f58e107cdf1c9ad73  libarchive-3.8.4.tar.xz
 # Locally computed:
 sha256  30e556b3959e3985d66efefec5eaac51d4995053caa1d3cffe6eb916f146f229  COPYING

package/libarchive/libarchive.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBARCHIVE_VERSION = 3.8.2
+LIBARCHIVE_VERSION = 3.8.4
 LIBARCHIVE_SOURCE = libarchive-$(LIBARCHIVE_VERSION).tar.xz
 LIBARCHIVE_SITE = https://www.libarchive.de/downloads
 LIBARCHIVE_INSTALL_STAGING = YES