Updating llhttp also needs the CVE-2020-8287 patch to be removed (it is
fixed upstream).