Mark CVE-2020-054{8,9} as no-dsa for buster and stretch

If all migitgations for TAA and MDS are applied the impact is low for
these issues. Furthremore there will be not Linux fixes. Intel will
likely release updates for intel-microcode additionally covering
CVE-2020-0548 and CVE-2020-0549 in one of the next IPUs (possibly in
march).