bash: fix string format errors when enabling security flags

If security_flags.inc is included then bash 3.2.48 fails to build:

| ../bash-3.2.48/print_cmd.c:1152:3: error: format not a string literal and no format arguments [-Werror=format-security]
|    cprintf (indentation_string);

Backport a patch from upstream to solve this.

(From OE-Core rev: 293d90d757d0d1e292c90cb0e9c576faf911ffcc)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-extended/bash/bash-3.2.48/string-format.patch

@@ -0,0 +1,21 @@
+Fix a string format warning when using security flags:
+
+| ../bash-3.2.48/print_cmd.c:1152:3: error: format not a string literal and no format arguments [-Werror=format-security]
+|    cprintf (indentation_string);
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+diff --git a/print_cmd.c b/print_cmd.c
+index d1dfd1a..956db53 100644
+--- a/print_cmd.c
++++ b/print_cmd.c
+@@ -1149,7 +1149,7 @@ indent (amount)
+   for (i = 0; amount > 0; amount--)
+     indentation_string[i++] = ' ';
+   indentation_string[i] = '\0';
+-  cprintf (indentation_string);
++  cprintf ("%s", indentation_string);
+ }
+ 
+ static void

meta/recipes-extended/bash/bash_3.2.48.bb

@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/bash/bash-${PV}.tar.gz;name=tarball \
            file://test-output.patch \
            file://run-ptest \
            file://dont-include-target-CFLAGS-in-host-LDFLAGS.patch \
+           file://string-format.patch \
           "
 
 SRC_URI[tarball.md5sum] = "338dcf975a93640bb3eaa843ca42e3f8"