Explicitly track the fix for CVE-2018-16470/ruby-rack in experimental

The issue was only introduced in 2.0.4 and thus never affected sid as
already recorded. For keeping the information mark the fixed version for
experimental as well.