
Display "not-affected" in addition to or instead of "fixed"

During the DebCamp25 sprint, in reviewing !222 (merged) (which is meant to help us identify CVEs which are fixed in LTS-1 and LTS+1, but still unfixed in LTS) I noticed that there is a scenario where the tracker displays a CVE as fixed/unfixed/fixed when in truth the status in LTS-1 isn't "fixed by DSA/DLA/ELA", but rather "not-affected". The changes implemented in the MR are logically correct and CVEs that fall into this situation. However, the tracker's visual display doesn't give the full picture and this makes it difficult to distinguish the CVEs that present a regression risk (i.e., because they are legitimately fixed in LTS-1 and LTS+1) and those which don't (i.e., because they are not-affected in LTS-1).

Here is an example from the status page for ceph in the ELTS tracker.

[Screenshot ceph1: ceph status page in the ELTS tracker]

CVE-2023-43040 is truly fixed/unfixed/fixed, but CVE-2022-3650 is actually not-affected/unfixed/fixed:

[Screenshot ceph2: CVE-2023-43040 and CVE-2022-3650 as shown in the tracker]

The fixed versions table correctly displays "not affected". It seems to me that it would be best if the source packages info table on the CVE page and the open issues table on the package page likewise displayed either "not-affected" or "fixed (not-affected)".

@carnil I would very much appreciate your input on this.

/cc @beuc
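The distinction the issue asks for, shown as a small added example (this is not code from the Debian security tracker or from !222; the suite names LTS-1/LTS/LTS+1 and the three status labels "fixed", "unfixed" and "not-affected" are taken from the text above, and the sample data for the two ceph CVEs is constructed to mirror it). It separates what the MR detects (resolved on both sides of LTS while still open in LTS) from the narrower "regression risk" case where LTS-1 and LTS+1 are genuinely fixed, and it keeps "not-affected" as its own label in the rendered table instead of collapsing it into "fixed":

```python
"""Classify per-suite CVE status so that "not-affected" is displayed as such
and only genuinely fixed/unfixed/fixed entries are marked as regression risks.

Added example; assumes the status labels and suite names used in the issue.
"""
from dataclasses import dataclass
from typing import Dict, List

FIXED = "fixed"
UNFIXED = "unfixed"
NOT_AFFECTED = "not-affected"
VALID_STATUSES = {FIXED, UNFIXED, NOT_AFFECTED}

# Suite order as referenced in the issue: LTS-1 / LTS / LTS+1.
SUITES = ("LTS-1", "LTS", "LTS+1")


@dataclass(frozen=True)
class Classification:
    cve: str
    display: str            # per-suite labels joined with "/", e.g. "not-affected/unfixed/fixed"
    flagged_for_lts: bool   # resolved on both sides of LTS, still unfixed in LTS (what the MR detects)
    regression_risk: bool   # flagged AND genuinely fixed (not merely not-affected) in LTS-1 and LTS+1


def resolved(status: str) -> bool:
    """A suite needs no further work if the CVE is fixed or not-affected there."""
    return status in (FIXED, NOT_AFFECTED)


def classify(cve: str, statuses: Dict[str, str]) -> Classification:
    """Build the display string and the two flags from a suite -> status mapping."""
    missing = [s for s in SUITES if s not in statuses]
    if missing:
        raise ValueError(f"{cve}: missing status for {missing}")
    bad = {s: v for s, v in statuses.items() if v not in VALID_STATUSES}
    if bad:
        raise ValueError(f"{cve}: unknown status values {bad}")
    older, lts, newer = (statuses[s] for s in SUITES)
    flagged = resolved(older) and resolved(newer) and lts == UNFIXED
    # Keep the distinct label rather than showing not-affected as fixed.
    display = "/".join(statuses[s] for s in SUITES)
    risk = flagged and older == FIXED and newer == FIXED
    return Classification(cve, display, flagged, risk)


def render_open_issues(rows: List[Classification]) -> List[str]:
    """Rows for an open-issues table; the note column explains each flagged entry."""
    lines = [f"{'CVE':<16}{'LTS-1':<14}{'LTS':<10}{'LTS+1':<10}note"]
    for r in rows:
        older, lts, newer = r.display.split("/")
        if r.regression_risk:
            note = "regression risk"
        elif r.flagged_for_lts:
            note = "no regression risk (not-affected)"
        else:
            note = ""
        lines.append(f"{r.cve:<16}{older:<14}{lts:<10}{newer:<10}{note}")
    return lines


# Constructed sample input mirroring the two ceph CVEs discussed in the issue.
SAMPLE = {
    "CVE-2023-43040": {"LTS-1": FIXED, "LTS": UNFIXED, "LTS+1": FIXED},
    "CVE-2022-3650": {"LTS-1": NOT_AFFECTED, "LTS": UNFIXED, "LTS+1": FIXED},
}

if __name__ == "__main__":
    rows = [classify(cve, st) for cve, st in SAMPLE.items()]
    print("\n".join(render_open_issues(rows)))
```

Running it prints both CVEs in the same table, with CVE-2023-43040 marked as a regression risk and CVE-2022-3650 shown as "not-affected" in the LTS-1 column with no such mark, which is the visual distinction the issue proposes.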