Double-check exoplayer library for vulnerabilities

The exoplayer library currently used (r2.4.0) is rather old (latest stable is r2.9.6) and Mozilla has already found some defects with the help of coverity that should get fixed (see: https://bugzilla.mozilla.org/show_bug.cgi?id=1371247). There are potential security bugs that got fixed between r2.4.0 and r2.9.6 that we should pick up as well.