A quick hack requested by lle-bout: indicate CVE severity with
pretty/scary colours. It's deliberately simple: no scoring, no
versioning, no importing (guix colors) from (guix cve), ...
Another patch adds order to the rainbow. Sort CVEs by ID, so
chronological. In combination with the other patch, I prefer this
more complex ordering and/or grouping by severity.