possible security fix: do not call slilog with intended message as format string

possible security fix: do not call slilog with intended message as format string

vMessage would call slilog with part of the intended log message as
the format string.  This is a potential format string vulnerability,
detected by -Wformat-security.

I have not analysed the code in detail to determine in exactly which
circumstances a secnet installation will be vulnerable, but in general
a vulnerability (at least for DOS) will exist in any situation where
an attacker can cause a log message to contain things which look like
printf directives.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
(cherry picked from commit 7908f2c6b5be419f8f4031876139953d4ee8340d)