Add date information to OS schema

[wagoodman]

Related to #742, adds the following fields to the os schema:

• Metadata.Updated: date the vuln record was updated
• Metadata.Withdrawn: date the vuln record was withdrawn
• FixedIn.Issued: date the fix was made available

[wagoodman]

This is the actual change

# $ diff schema/vulnerability/os/schema-1.0.1.json schema/vulnerability/os/schema-1.0.2.json
98a99,102
>                 },
>                 "Issued": {
>                   "type": "string",
>                   "description": "date the fix was made available"
117c121,122
<               "type": "string"
---
>               "type": "string",
>               "description": "date the vulnerability was published"
118a124,131
>             "Updated": {
>               "type": "string",
>               "description": "date the vulnerability was last updated"
>             },
>             "Withdrawn": {
>               "type": "string",
>               "description": "date the vulnerability was withdrawn"
>             },

[kzantow]

There are a lot of changes here! You definitely know better than me what's going on, so I'll just leave a couple observations:

• should this have a schema.json, like we do in syft which is always the current and would have ended up showing a diff here? (and could be referred to by commit; unsure if that makes anything really easier)
• it would be ideal if bumping the schema version wouldn't require updating all the test fixtures like this -- maybe some process somewhere updates the values while reading them in test fixtures or migrates the files somehow if it was an easy process

[wagoodman]

Yeah, I agree with both observations -- that's going to require more refactoring of test utils and cases + adding some automation around how the schema is bumped (which does not exist). This PR isn't the right time to introduce those things (but am all for it).