Update status for CVE-2018-16470/ruby-rack

Strictly speaking this is not needed as we only track vulnerability
issues up to unstable. But in this case it might be interesant to track
the status for experimental for when ruby-rack in more recent version is
going to be uploaded to unstable.