Update to the latest att/ast github commit.
This fixes CVE-2019-14868: certain environment variables interpreted
as arithmetic expressions on startup, leading to code injection.
Submitted by: Siteshwar Vashisht <svashisht@redhat.com>
Reported by: Marian Rehak
MFH: 2020Q1
Security: CVE-2019-14868
https://bugzilla.redhat.com/show_bug.cgi?id=1757324 https://access.redhat.com/security/cve/CVE-2019-14868