
Improve output for RustSec advisories #296

Merged

Conversation

tomasfarias
Contributor

Closes #288

PR is a draft as only the vulnerability URL has been included in the output. Potential solution/patched versions are WIP.

@tomasfarias
Contributor Author

I will be opening the PR for review shortly; this is how things are looking right now:

  • Added vulnerability URL
  • Added "Solution" to diagnostic notes

Examples:
No solution available:

error[A001]: Multiple soundness issues in Chunk and InlineArray
    ┌─ /home/tomasfarias/src/github.com/tomasfarias/cargo-deny/Cargo.lock:121:1
    │
121 │ sized-chunks 0.6.2 registry+https://github.com/rust-lang/crates.io-index
    │ ------------------------------------------------------------------------ security vulnerability detected
    │
    = ID: RUSTSEC-2020-0041
    = URL: https://rustsec.org/advisories/RUSTSEC-2020-0041
    = Chunk:

      * Array size is not checked when constructed with `unit()` and `pair()`.
      * Array size is not checked when constructed with `From<InlineArray<A, T>>`.
      * `Clone` and `insert_from` are not panic-safe; A panicking iterator causes memory safety issues with them.

      InlineArray:

      * Generates unaligned references for types with a large alignment requirement.
    = URL: https://github.com/bodil/sized-chunks/issues/11
    = Solution: No safe upgrade is available!
    = sized-chunks v0.6.2
      └── cargo-deny v0.8.0

Solution available (added a random crate just for local testing purposes):

error[A001]: Improper uniqueness verification of signature threshold
    ┌─ /home/tomasfarias/src/github.com/tomasfarias/cargo-deny/Cargo.lock:141:1
    │
141 │ tough 0.5.0 registry+https://github.com/rust-lang/crates.io-index
    │ ----------------------------------------------------------------- security vulnerability detected
    │
    = ID: RUSTSEC-2020-0024
    = URL: https://rustsec.org/advisories/RUSTSEC-2020-0024
    = The tough library, prior to 0.7.1, does not properly verify the uniqueness of
      keys in the signatures provided to meet the threshold of cryptographic
      signatures. It allows someone with access to a valid signing key to create
      multiple valid signatures in order to circumvent TUF requiring a minimum
      threshold of unique keys before the metadata is considered valid.

      AWS would like to thank Erick Tryzelaar of the Google Fuchsia Team for
      reporting this issue.

      A fix is available in version 0.7.1.

      CVE-2020-6174 is assigned to the same issue in the TUF reference
      implementation.

      If you have any questions or comments about this advisory, contact AWS Security
      at aws-security@amazon.com.
    = URL: https://github.com/awslabs/tough/security/advisories/GHSA-5q2r-92f9-4m49
    = Solution: Upgrade to >= 0.7.1
    = tough v0.5.0
      └── cargo-deny v0.8.0

I'm not convinced by the repetition of "URL"; should we update the label to something else?

"Solution" was appended to the end of the notes because it was the most straightforward solution. I'm open to moving it somewhere else, although I don't think it looks bad where it is right now.

@tomasfarias tomasfarias marked this pull request as ready for review October 21, 2020 00:24
@Jake-Shadle
Member

I think maybe renaming the "URL:" for the advisory to "Advisory URL:" and the other one to "Issue URL:", since it is usually the link to the issue/PR on the source repo for the crate, which can both be useful.
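The two sample diagnostics above show the notes cargo-deny prints for an advisory (ID, advisory URL, description, issue URL, Solution, dependency chain), and the review comment proposes distinct labels for the two URLs. The following is an added illustration, not code from this PR, from cargo-deny or from the rustsec crate: it derives the "Solution" line and the note list from an advisory's patched version ranges. The struct layout, the minimal version/requirement parser and the use of "Advisory URL"/"Issue URL" as labels are assumptions for the example; real rustsec advisories can also carry "unaffected" ranges, which are left out here.

```rust
// Added illustration (not cargo-deny's or rustsec's own code): how the "= ..."
// notes in the diagnostics above can be produced from an advisory's version
// data. Struct layout, parser and the "Advisory URL"/"Issue URL" labels
// (taken from the review suggestion) are assumptions made for this example.
use std::cmp::Ordering;
use std::fmt;

/// Three-component version; pre-release and build tags are not modelled.
/// Deriving Ord compares major, then minor, then patch, in declaration order.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Version { pub major: u64, pub minor: u64, pub patch: u64 }

impl Version {
    /// Parses "0.7.1"; rejects anything that is not exactly three integers.
    pub fn parse(s: &str) -> Option<Version> {
        let mut parts = s.trim().split('.').map(|p| p.parse::<u64>().ok());
        let v = Version { major: parts.next()??, minor: parts.next()??, patch: parts.next()?? };
        if parts.next().is_some() {
            return None;
        }
        Some(v)
    }
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Op { Ge, Gt, Le, Lt, Eq }

/// One comparison requirement such as ">= 0.7.1" or "< 0.6.0".
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Req { pub op: Op, pub version: Version }

impl Req {
    /// Parses an operator followed by a version; a bare version means "=".
    pub fn parse(s: &str) -> Option<Req> {
        let s = s.trim();
        // Two-character operators must be tried before their one-character prefixes.
        for (sym, op) in [(">=", Op::Ge), ("<=", Op::Le), (">", Op::Gt), ("<", Op::Lt), ("=", Op::Eq)] {
            if let Some(rest) = s.strip_prefix(sym) {
                return Some(Req { op, version: Version::parse(rest)? });
            }
        }
        Some(Req { op: Op::Eq, version: Version::parse(s)? })
    }

    /// True when `v` satisfies this requirement.
    pub fn matches(&self, v: Version) -> bool {
        matches!(
            (self.op, v.cmp(&self.version)),
            (Op::Ge, Ordering::Greater | Ordering::Equal)
                | (Op::Gt, Ordering::Greater)
                | (Op::Le, Ordering::Less | Ordering::Equal)
                | (Op::Lt, Ordering::Less)
                | (Op::Eq, Ordering::Equal)
        )
    }
}

impl fmt::Display for Req {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        let op = match self.op { Op::Ge => ">=", Op::Gt => ">", Op::Le => "<=", Op::Lt => "<", Op::Eq => "=" };
        write!(f, "{} {}.{}.{}", op, self.version.major, self.version.minor, self.version.patch)
    }
}

/// The advisory fields the notes use (hypothetical layout for this example).
pub struct Advisory<'a> {
    pub id: &'a str,
    pub url: &'a str,
    pub issue_url: Option<&'a str>,
    pub patched: Vec<Req>,
}

/// A version is affected unless one of the patched ranges covers it.
pub fn is_vulnerable(adv: &Advisory, v: Version) -> bool {
    !adv.patched.iter().any(|r| r.matches(v))
}

/// The "Solution" note: list the patched ranges, or state that none exists.
pub fn solution(adv: &Advisory) -> String {
    if adv.patched.is_empty() {
        return "No safe upgrade is available!".to_string();
    }
    let ranges: Vec<String> = adv.patched.iter().map(ToString::to_string).collect();
    format!("Upgrade to {}", ranges.join(" OR "))
}

/// All note lines for one advisory, using the two distinct URL labels.
pub fn notes(adv: &Advisory) -> Vec<String> {
    let mut out = vec![format!("ID: {}", adv.id), format!("Advisory URL: {}", adv.url)];
    if let Some(issue) = adv.issue_url {
        out.push(format!("Issue URL: {}", issue));
    }
    out.push(format!("Solution: {}", solution(adv)));
    out
}

fn main() {
    // Values taken from the RUSTSEC-2020-0024 diagnostic shown above.
    let tough = Advisory {
        id: "RUSTSEC-2020-0024",
        url: "https://rustsec.org/advisories/RUSTSEC-2020-0024",
        issue_url: Some("https://github.com/awslabs/tough/security/advisories/GHSA-5q2r-92f9-4m49"),
        patched: vec![Req::parse(">= 0.7.1").unwrap()],
    };
    println!("tough 0.5.0 vulnerable: {}", is_vulnerable(&tough, Version::parse("0.5.0").unwrap()));
    for line in notes(&tough) {
        println!("    = {}", line);
    }
}
```

Running it prints the four notes for the tough advisory, ending in "Solution: Upgrade to >= 0.7.1"; an advisory with an empty patched list, like the sized-chunks one above, yields "No safe upgrade is available!" and every version of the crate is reported as affected.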

@Jake-Shadle Jake-Shadle force-pushed the improve-output-for-rustsec-advisories branch from 83ff6c4 to 9647505 October 21, 2020 08:06
@Jake-Shadle Jake-Shadle self-requested a review October 21, 2020 08:08
Member

@Jake-Shadle Jake-Shadle left a comment


Nice, thanks for the PR!

Successfully merging this pull request may close these issues.

Improve output for RustSec advisories
2 participants