Add graphicsmagick as well for CVE-2019-16709

Note, this is only done when graphicsmagick upstream thinks this is the
very exact same issue as in corresponding imagemagick, and also tracks
it with this CVE (usually both get distinct sets).

In this case thus add src:graphicsmagick as well to CVE-2019-16709.