Mark CVE-2017-14988/openexr as unimportant

Analysis of https://github.com/openexr/openexr/issues/248 upstream
indicates this is caused by an improper assumption from ImageMagick and
the security impact is actually negligable at most. Mark as unimportant
and ideally an involved party properly request a REJECT.