Move severity for CVE-2019-18348 to unimportant

Technically the issue is sourcewise unfixed in the python source code,
but it is made not exploitable where CVE-2016-10739 was already fixed.
Given the no-dsa markings for the respective older suites as the issue
is minor, switch to the more "correct" (in sense of source affectness)
and mark it as unimportant as the issue is unexploitable.

This adjusts the initial marking done by Moritz in
a2cc636c and if it is disagreement with
this commit it can be discussed if tracking should be reverted.