Update to 0.37

• Feature: add a detailed explanation of "what to do" when system if found vulnerable against one of the vulnerabilities (skip with --no-explain)
• Feature: rework output for IBRS/IBPB check and better detection for newer kernels (IBRS_FW, IBPB without IBRS, ...)
• Feature: check for Red Hat 7/CentOS 7 specific retp_enabled knob in sysfs
• Feature: detect arm64 Spectre Variant 1, Spectre Variant 2 and Meltdown (Variant 3) mitigations
• Feature: add detection of AMD-specific STIBP, STIBP-always-on, IBRS, IBRS-always-on and IBRS-preferred CPUID feature flags
• Feature: when ibpb_enabled=2 (Red Hat), warn if SMT is not disabled
• Feature: detect whether the kernel supports RSB filling (important for Skylake+)
• Feature: add --paranoid to make IBPB required in addition to retpoline for Variant 2
• Refactor: don't test AMD-specific flags on Intel and Intel-specific flags on AMD for clarity
• Fix: when PTI activation is unknown, don't say we're vulnerable
• Fix: don't hide microcode information for AMD CPUs
• Misc: other minor fixes and enhancements