Automatically strip no-dsa tags by gen-DLA

Sometimes issues tagged no-dsa are fixed by an upload. In such cases the no-dsa tag currently has to removed manually from CVE/list. It would be more reliable and convenient to do this with bin/gen-DLA, which then would strip existing no-dsa tags for CVE IDs passed to the script.

Status: We do not have a convenient way of writing to the cvelist. The current parser strips required information as as such the results cannot be written back to a file without losing information.

Additionally, since this task involves potentially mutating data/CVE/list in the security tracker, coordination with the security team is required.