Remove unneeded aliased reference to Red Hat bug

NOTABUG in Red Hat context does not necessarly mean the issue is not
present. The statement is made clear in
https://bugzilla.redhat.com/show_bug.cgi?id=1535554#c4 and indeed that
CVE might not be warranted. In any case we should not follow right away
NOTABUG tagged Red Hat bugs but carlify with upstreams and maintainers
if the CVE is invalid.

The specific CVEs for krb5 are already discussed with the maintainers
(wich are as well upstream), so we will followup once we have more
feedback on the two particular CVEs.