
Enable Debian security repo by default #522

Open. funtri-vt wants to merge 6 commits into ading2210:main from funtri-vt:add-debian-security-repo-to-apt-sources

@funtri-vt

This is a fix for a problem I noticed where the debian security repo isn't enabled by default.
If you think it shouldn't be enabled by default, or if I put the activation of it in the wrong place, please feel free to guide me/close this PR.

add debian security repo
@funtri-vt funtri-vt changed the title Update setup_rootfs.sh Update setup_rootfs.sh to add debian security repo by default Jun 12, 2026
funtri-vt commented Jun 12, 2026

Just realized that Linux-base being upgraded might be a problem. I'll look into that.

funtri-vt commented Jun 12, 2026

> Just realized that Linux-base being upgraded might be a problem. I'll look into that.

Testing a reboot after manually adding this repo to my shimboot install and upgrading it. I'll see if it breaks anything.

@funtri-vt

It seems it hasn't broken. That means this PR is probably ready to be merged (ofc only if ading2210 wants).

@jacobleclair

this is how i've always used it, haven't had issues.

@funtri-vt funtri-vt left a comment

> this is how i've always used it, haven't had issues.

Well, I came across this after learning about the latest ffmpeg vulnerabilities (I had ffmpeg installed on my shimboot system), and when trying to update, it refused to update to the latest version, so I investigated and found that the security repository wasn't enabled. So, I made this simple patch to fix that, and add the security repo so shimboot is a little more secure than it currently is (when you factor out the old kernel, which kexec support for is in progress, but not yet finished).
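
A check for the condition described in this thread, as an added example that is not part of the PR or the shimboot code: it reports whether apt source text enables a security suite, matching on the suite names `<codename>-security` and the older `<codename>/updates` in both the one-line and deb822 formats. The function name and the sample entries are constructed for illustration.

```sh
#!/bin/sh
# Added example (not shimboot code): exit 0 if apt source text enables a
# security suite. Reads the files given as arguments, or stdin if none.
has_security_suite() {
    awk '
    function sec_suite(s) { return s ~ /(-security|\/updates)$/ }
    # Evaluate the deb822 stanza collected so far, then reset its state.
    function end_stanza(   i, n, parts) {
        if (types ~ /(^| )deb( |$)/ && enabled != "no") {
            n = split(suites, parts, " ")
            for (i = 1; i <= n; i++) if (sec_suite(parts[i])) found = 1
        }
        types = suites = enabled = ""
    }
    FNR == 1   { end_stanza() }           # a stanza never spans two files
    /^[ \t]*#/ { next }                   # commented-out entries do not count
    /^[ \t]*$/ { end_stanza(); next }     # a blank line closes a stanza
    $1 == "deb" {                         # one-line: deb [options] URI SUITE ...
        i = 2
        if ($i ~ /^\[/) { while (i <= NF && $i !~ /\]$/) i++; i++ }
        if (sec_suite($(i + 1))) found = 1
        next
    }
    tolower($1) == "types:"   { $1 = ""; types = $0; next }
    tolower($1) == "suites:"  { $1 = ""; suites = $0; next }
    tolower($1) == "enabled:" { enabled = tolower($2) }
    END { end_stanza(); exit !found }
    ' "$@"
}

# Constructed sample: the main archive is enabled, the security line is not.
if has_security_suite <<'EOF'
deb http://deb.debian.org/debian bookworm main
# deb http://security.debian.org/debian-security bookworm-security main
EOF
then echo "security suite enabled"
else echo "security suite missing"
fi
```

On an installed system the function can be pointed at `/etc/apt/sources.list` and the files under `/etc/apt/sources.list.d/`.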

Comment thread rootfs/opt/setup_rootfs.sh Outdated
modify build_rootfs to pass in the security repo passed by build_complete.sh

@funtri-vt funtri-vt left a comment

Ok! I've pushed a patch to address that. Let me know if you'd like any improvements, or if it seems like it doesn't properly address the issue.

funtri-vt commented Jun 13, 2026

Just realized that I'm not running an if on the distro to determine the repo. I'll fix that in a bit.

@funtri-vt funtri-vt left a comment

I also added a flag to include the security repos that can be expanded to add logic for ubuntu to build_complete for whether or not to even include the security repo. This also by default sets up the prebuilts to use the security repo. Let me know if you'd like any changes before this is merged!

@funtri-vt funtri-vt changed the title Update setup_rootfs.sh to add debian security repo by default Enable Debian security repo by default Jun 16, 2026
@funtri-vt funtri-vt requested a review from ading2210 June 16, 2026 21:15