Merge pull request #66582 (nginx security updates)

This addresses CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516. Details
about these vulnerabilities can be found at:

https://github.com/Netflix/security-bulletins/blob/216433296d3bc542496a8edae5b4ca39cfd892b1/advisories/third-party/2019-002.md

Version 1.16.1 only includes the security fixes, however version 1.17.3
has two additional bugfixes:

  * "zero size buf" alerts might appear in logs when using gzipping; the
    bug had appeared in 1.17.2.
  * a segmentation fault might occur in a worker process if the
    "resolver" directive was used in SMTP proxy.

I haven't extensively tested this, but from a quick test, nginx is still
working and the NixOS tests also succeed.

Thanks to @Izorkin for the pull request.