Update radare2 information for CVE-2019-16718 and CVE-2019-14745

CVE-2019-16718 exists due to incomplete fixes to CVE-2019-14745. In
Debian the later was not yet fixed, thus CVE-2019-16718 is not affecting
the source in Debian, mark it as such.

Expand note for CVE-2019-14745 to make clear that further commits are
needed to not open CVE-2019-16718.