Fix CVE-2014-6272 in Libevent 1.4 from upstream:

Fix CVE-2014-6272 in Libevent 1.4 from upstream:
- https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf
- For this fix, we need to make sure that passing too-large inputs to
  the evbuffer functions can't make us do bad things with the heap.
On top of that do:
- Update libevent version to 1.4.15-stable.
- Use SIZE_MAX from limits.h instead of a private define.
- Do not declare 'size_t need' twice to avoid a compiler warning.
OK sthen