Exact Certification of Neural Networks and Partition Aggregation Ensembles against Label Poisoning