Mark CVE-2018-12536/jetty9 as fixed with 9.2.25-1

Emmanuel Bourg did some more investigation and whilst not there is no
indication on the specific fix, upstream claims it is adressed in
9.2.25, 9.3.24 and 9.4.11.

https://github.com/eclipse/jetty.project/blob/jetty-9.4.x/jetty-documentation/src/main/asciidoc/reference/troubleshooting/security-reports.adoc

potentially need to trust upstream here with the versions.