Disclaimers: I'm not looking to debate the (1) severity of the CVE nor (2) the version(s) of R that should be used; instead, it's reasonable to assume that many users/organizations will want to (a) stay on a non-4.4 version of R and (b) err on the side of caution via a patched version. Thank you for the consideration!
As succinctly proposed by @mbargull in https://github.com/conda-forge/r-base-feedstock/pull/297#issuecomment-2127776232, inheriting a patch for CVE-2024-27322 would allow conda users to more directly address the issue by installing a patched version of r-base from conda, which would remove the need to upgrade all R code + libraries to ≥4.4.0 (non-trivial).

Examples: