Add libvirt tracking for MDS vulnerabilities as well

It's not directly an issue in libvirt, but to protect VM users as well
when the microcode  provides the mechanism to invoke a flush of various
exploitable CPU buffers by invoking the VERW instruction, libvirt needs
to define the md-clear CPUID bit as well for quests.

Track respective libvirt fixes as well under the CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091 ids.