nabijaczleweli / cargo-update

A cargo subcommand for checking and applying updates to installed executables
MIT License

Update regex to address CVE-2022-24713/RUSTSEC-2022-0013 #193

Closed pbrkr closed 2 years ago

pbrkr commented 2 years ago

See:

We also need to update memchr to meet the requirements of regex v1.6.0.

nabijaczleweli commented 2 years ago

We're as unaffected as we were in March:

This issue has been assigned CVE-2022-24713. The severity of this vulnerability is "high" when the regex crate is used to parse untrusted regexes. Other uses of the regex crate are not affected by this vulnerability.

The only regexes we use are, indeed, constant:

src/ops/mod.rs:use regex::Regex;
src/ops/mod.rs:    static ref REGISTRY_RGX: Regex = Regex::new(r"([^\s]+) ([^\s]+) \(registry+\+([^\s]+)\)").unwrap();
src/ops/mod.rs:    static ref GIT_PACKAGE_RGX: Regex = Regex::new(r"([^\s]+) ([^\s]+) \(git+\+([^#\s]+)#([^\s]{40})\)").unwrap();

And regex 1.5.5 wants rust 1.41.1.
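As an added illustration of the point made above (not code from cargo-update itself), the two constant patterns quoted from src/ops/mod.rs are applied here to constructed package-id records of the kind cargo writes to its installed-crate list. The patterns are copied verbatim and expressed with Python's `re`, which accepts this syntax unchanged; the record strings, names, versions and commit hash are made up for the example. The pattern text is the only thing the regex parser ever sees, and the records are merely the haystack, which is exactly the distinction the advisory draws when it says only parsing untrusted regexes is affected.

```python
import re

# The two constant patterns quoted from src/ops/mod.rs in the comment above,
# copied verbatim. Python's re module accepts this syntax as-is.
REGISTRY_RGX = re.compile(r"([^\s]+) ([^\s]+) \(registry+\+([^\s]+)\)")
GIT_PACKAGE_RGX = re.compile(r"([^\s]+) ([^\s]+) \(git+\+([^#\s]+)#([^\s]{40})\)")

# Constructed sample records in the shape of cargo package-id strings.
# The names, versions, URL and commit hash are invented for this example.
SAMPLE_RECORDS = [
    "cargo-update 8.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
    "example-tool 0.3.0 (git+https://example.invalid/org/example-tool"
    "#0123456789abcdef0123456789abcdef01234567)",
    "not-a-package-id line",
]


def parse_package_id(record):
    """Classify one package-id string using only the constant patterns.

    Returns a dict describing the install source, or None when neither
    pattern matches. The record is the haystack: it is never compiled as a
    pattern, so no untrusted text reaches the regex parser.
    """
    m = REGISTRY_RGX.match(record)
    if m:
        name, version, index = m.groups()
        return {"kind": "registry", "name": name, "version": version,
                "index": index}
    m = GIT_PACKAGE_RGX.match(record)
    if m:
        name, version, url, commit = m.groups()
        return {"kind": "git", "name": name, "version": version,
                "url": url, "commit": commit}
    return None


def parse_all(records):
    """Parse a list of records; unrecognised lines yield None."""
    return [parse_package_id(r) for r in records]


if __name__ == "__main__":
    for record, parsed in zip(SAMPLE_RECORDS, parse_all(SAMPLE_RECORDS)):
        print(record, "->", parsed)
```

Running the block prints the classification of each constructed record; the third line matches neither pattern and is reported as `None` rather than raising, so a malformed entry cannot take the parser down.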

pbrkr commented 2 years ago

I've followed up with #194 to mark this advisory as ignored so that hopefully no-one else wastes time submitting a useless PR like this one :)