Foolbox

* fixed `CompositeModel` and added it to docs
* added `L0` and `Linfinity` (`Linf`) distance measures
* added `DeepFoolLinfinityAttack`
* renamed `DeepFoolAttack` to `DeepFoolL2Attack`
* new `DeepFoolAttack` now chooses norm to optimize based on the employed distance measure (alternative, `p=2` or `p=np.inf` can be passed)
* fixed integer overflows caused by numpy
* improved tests

Fixed a numeric issue when attacking Keras models that provide probability outputs (instead of logits) using a gradient-based attack.

Fixed package dependency issues.

- Improved GradientAttack and GradientSignAttack (FGSM) to handle smaller epsilons
- fixed Pillow imports
- improved README rendering on PyPI
- other minor changes

BoundaryAttack less verbose

BoundaryAttack added: a new, powerful decision-based attack that does not rely on gradients or probabilities