Reassociate one cups issue with correct CVE id

Unfortunately there was upstream a typo on the correct CVE id, which
actually then was widely used by almost everyone. There is some
background on https://github.com/apple/cups/issues/5561 where it was
clarified that the right CVE is CVE-2018-4300 and retrospectively as
well fixed in the changelogs.