Release process: generate security advisory boilerplate from a template
This way:
- RMs won't mistakenly copy an old advisory that lacks recent improvements (at least I did this in the past).
- Technical writers can modify the template (requested by @sajolida).