Reassign CVE-2019-13615 to libebml library

Further investigation upstream showed that the underlying issue is to be
found in the libebml library itself. Reassign in terms of tracking of
source package to the src:libebml library.

Upstream 1.3.6 fixed the issue, but the current bug discussion does not
give details on the exact change.

Contacted MITRE to reformulate the assignment as the issue is in
libebml.