Context
When a new CVE comes up, we tend to upgrade the affected package with, for instance, `apk upgrade --no-cache curl`.
Since our images are based on the official ones, they eventually get the upgraded package themselves, which means we then have to remove the patches from our Dockerfiles.
Solution
- Wrap all CVE patches in blocks like:

```
###> CVE: 1234 ###
###< CVE: 1234 ###
```

- Write a script that removes them, tries to build the images and checks for vulnerabilities; if that passes, it automatically opens a PR with the CVE patches removed.
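One way to implement the script described above, as an added example that is not code from this issue or from the project. It assumes the marker syntax proposed here (`###> CVE: <id> ###` / `###< CVE: <id> ###`, one `RUN` block per CVE, no nesting) and keeps the build-and-scan step pluggable: `obsolete_patches` takes any `passes_scan(dockerfile_text) -> bool` callable, so the parsing logic can be tested offline, while the hypothetical `docker_build_and_scan` shows the real CI check using `docker build -f -` and `trivy image`, both assumed to be on `PATH`. The sample Dockerfile is constructed for the example.

```python
"""Find CVE patch blocks in a Dockerfile, remove them one at a time and
report which patches the base image has since made unnecessary."""
import re
import subprocess
from typing import Callable, Dict, List, Tuple

# Marker lines in the style proposed in the issue (assumed, not the project's own):
#   ###> CVE: 1234 ###
#   RUN apk upgrade --no-cache curl
#   ###< CVE: 1234 ###
OPEN_RE = re.compile(r"^###>\s*CVE:\s*(\S+)\s*###\s*$")
CLOSE_RE = re.compile(r"^###<\s*CVE:\s*(\S+)\s*###\s*$")

# Constructed sample input for the example.
SAMPLE_DOCKERFILE = """\
FROM php:8.2-fpm-alpine
###> CVE: 1234 ###
RUN apk upgrade --no-cache curl
###< CVE: 1234 ###
###> CVE: 5678 ###
RUN apk upgrade --no-cache openssl
###< CVE: 5678 ###
COPY . /app
"""


def find_cve_blocks(dockerfile: str) -> Dict[str, Tuple[int, int]]:
    """Return {cve_id: (open_line_idx, close_line_idx)} for every CVE block.

    Raises ValueError on a nested, duplicated, mismatched or unterminated
    block, so a malformed Dockerfile is never silently edited.
    """
    blocks: Dict[str, Tuple[int, int]] = {}
    current = None  # (cve_id, open_idx) while inside a block
    for idx, line in enumerate(dockerfile.splitlines()):
        m = OPEN_RE.match(line)
        if m:
            if current is not None:
                raise ValueError(f"nested CVE block {m.group(1)} inside {current[0]}")
            if m.group(1) in blocks:
                raise ValueError(f"duplicate CVE block {m.group(1)}")
            current = (m.group(1), idx)
            continue
        m = CLOSE_RE.match(line)
        if m:
            if current is None or current[0] != m.group(1):
                raise ValueError(f"unexpected close marker {m.group(1)} at line {idx + 1}")
            blocks[current[0]] = (current[1], idx)
            current = None
    if current is not None:
        raise ValueError(f"unterminated CVE block {current[0]}")
    return blocks


def strip_cve_block(dockerfile: str, cve_id: str) -> str:
    """Return the Dockerfile with the whole block for cve_id, markers included, removed."""
    start, end = find_cve_blocks(dockerfile)[cve_id]
    lines = dockerfile.splitlines()
    kept = lines[:start] + lines[end + 1:]
    return "\n".join(kept) + ("\n" if dockerfile.endswith("\n") else "")


def obsolete_patches(dockerfile: str, passes_scan: Callable[[str], bool]) -> List[str]:
    """Remove each CVE block on its own, hand the candidate Dockerfile to
    passes_scan (build + vulnerability scan) and collect the CVE ids whose
    patch is no longer needed. Blocks are tried independently so one still
    needed patch does not mask another that can go."""
    return [cve_id for cve_id in find_cve_blocks(dockerfile)
            if passes_scan(strip_cve_block(dockerfile, cve_id))]


def docker_build_and_scan(dockerfile: str, tag: str = "cve-check:trial") -> bool:
    """Hypothetical CI check: assumes docker (BuildKit) and trivy are installed.
    Builds the candidate Dockerfile from stdin, then fails on any HIGH or
    CRITICAL finding, which is exactly the condition for keeping the patch."""
    build = subprocess.run(["docker", "build", "-t", tag, "-f", "-", "."],
                           input=dockerfile.encode(), capture_output=True)
    if build.returncode != 0:
        return False
    scan = subprocess.run(["trivy", "image", "--exit-code", "1",
                           "--severity", "HIGH,CRITICAL", tag], capture_output=True)
    return scan.returncode == 0


if __name__ == "__main__":
    # Offline stand-in for the scanner: pretend the base image now ships a
    # fixed curl but still a vulnerable openssl.
    print(obsolete_patches(SAMPLE_DOCKERFILE, lambda text: "curl" not in text))
```

In CI the call would be `obsolete_patches(open("Dockerfile").read(), docker_build_and_scan)`, and for each id returned the job would write `strip_cve_block(...)` back to disk and open the PR. Trying blocks one at a time rather than all at once costs a build per patch but produces a PR that removes only what the scan actually proves unnecessary.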