Use updated pattern from avoid-pyyaml-load in B506

What does this MR do?

The pattern used in the Bandit B506 rule is out of date.

This demonstrates the issue https://semgrep.dev/playground/s/stevep-arm:bandit.b506?editorMode=advanced

and this shows the updated pattern against the same test case https://semgrep.dev/playground/s/stevep-arm:avoid-pyyaml-load?editorMode=advanced

For this MR I have copied the pattern but not the metadata from the original source of the B506 rule.

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer