@VanitasCodes

Description

This PR adds AlmaLinux errata support to help reduce false positives when scanning AlmaLinux systems.

AlmaLinux backports security fixes without changing version numbers, which causes cve-bin-tool to report already-patched CVEs. This data source fetches errata from AlmaLinux and provides information about which CVEs have been fixed.

What's Included

  • New data source: alma_source.py that fetches from errata.almalinux.org
  • Comprehensive tests with 100% code coverage
  • Support for both AlmaLinux 8 and AlmaLinux 9
  • Fallback to urllib when aiohttp has DNS issues on Windows

Testing

  • Fetches ~4,000 advisories containing 11,000+ CVE entries
  • Processes 169,000+ affected packages
  • All 7 unit tests pass
  • All pre-commit hooks pass (interrogate, black, flake8, bandit, etc.)

Related Issues

@VanitasCodes
Author

Hi @terriko!

I've implemented the AlmaLinux errata support we discussed in #5464. This PR adds a native data source that:

  • Fetches errata from both AlmaLinux 8 and 9
  • Processes 4,000+ advisories with 11,000+ CVE entries
  • Should significantly reduce false positives for AlmaLinux users

The implementation follows the same pattern as the existing RedHat data source. All tests are passing locally with 100% code coverage.

Let me know if you'd like any changes or have questions about the implementation!
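
The false-positive problem described in the PR description above, as an added example that is not code from this PR or from cve-bin-tool: the upstream version stays the same across backported fixes, so only the RPM release field shows whether an advisory's fix is installed. The errata record layout, the advisory and CVE identifiers, and the function names are assumptions constructed for illustration, and `rpmvercmp` is a simplified comparison that ignores RPM's `~` and `^` modifiers.

```python
import re

# Constructed errata records; field names are assumptions, not AlmaLinux's schema.
ERRATA = [
    {"id": "ALSA-EXAMPLE-1", "cves": ["CVE-0000-0001"],
     "packages": [{"name": "openssl", "evr": "1:1.1.1k-9.el8"}]},
    {"id": "ALSA-EXAMPLE-2", "cves": ["CVE-0000-0002"],
     "packages": [{"name": "openssl", "evr": "1:1.1.1k-14.el8"}]},
]

def rpmvercmp(a, b):
    """Compare RPM version/release strings segment by segment (simplified)."""
    seg_a = re.findall(r"\d+|[A-Za-z]+", a)
    seg_b = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment outranks alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))

def parse_evr(evr):
    """Split '[epoch:]version-release'; a missing epoch counts as 0."""
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release

def evr_cmp(a, b):
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def split_findings(name, installed_evr, reported_cves, errata=ERRATA):
    """Return (patched, still_open) for CVEs a version-based scan reported."""
    fixed_in = {}
    for adv in errata:
        for pkg in adv["packages"]:
            if pkg["name"] == name:
                fixed_in.update(dict.fromkeys(adv["cves"], pkg["evr"]))
    patched = {c for c in reported_cves
               if c in fixed_in and evr_cmp(installed_evr, fixed_in[c]) >= 0}
    return patched, set(reported_cves) - patched
```

A CVE with no matching erratum stays in the open set, so missing errata data never suppresses a finding.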

Development

Successfully merging this pull request may close these issues.

feat: Add AlmaLinux errata support to reduce false positives
