d/control: Depend on libseccomp 2.5.2

For CVE-2021-41133 to be fully prevented, for now we need a libseccomp
that knows about the syscalls we're blocking. Resolving this with older
libseccomp versions will require further development.