Final changes before public release

The database fields for the advisories, and how they mapped from each data
source, grew up organically and so had consistency problems.  Went through
to look at each data source and help reconcile them into something better.

* synopsis is removed
* title is the short description
* description is the long description
* fields for cve and upstream id added

Added a command to print out a file containing lines for each
mcollective package update, and individual files for each package
with the servers to upgrade that package on.

Limit reporting to only recent hosts

We're currently not expiring any servers, so are showing vulnerabilities
for servers that are no longer in service.  For now, fix this by ignoring
any servers with a last checkin greater than a week ago.

Pull over first version of working app to master

The CVRF source for RHEL wasn't the best for our use.  It only reported
on the source packages affected by an advisory, which caused problems
when a source package built multiple packages (ex: bind building bind and
bind-lib and others).

Moved to use the OVAL sources instead, which do contain package
information directly.

Separated out and renamed the existing classes for our importing functions.
This is meant to standardize on the interface names to make it easier to add
new package and advisory types.

Along with this I needed to do an ugly fix to make sure the advisories aren't
just pointers to another record when exported as yaml.

Add in an os_family field (rhel or centos currently) to the packages table.
This is calculated from the server that has the packages, and is used to separate
out advisories based on whether the advisory is for rhel or centos.

Added caching of package to advisories to cut out a lot of the repeat
calculations and queries.

Add a report for vulnerabilities by package, and also let the vulnerabilities
by hosts take package to limit by.

The application will clone the repo if it's not yet there, or do a git pull
on each run otherwise.

Keep track of all changes we're making, so that we can debug in case of
strange cases.