Commit 84eb3bca authored by Hugo Lefeuvre

389-ds-base: mark CVE-2018-14638 not affected

CVE-2018-14638: two cloned pblocks share the same password policy,
and under certain circumstances the clone might be freed, consequently
freeing the shared password policy. Later, when the original password
policy is freed, it tries to free the password policy a second time
thus resulting in double free, crash and other undefined behavior.

It seems that this vulnerability first appeared in

74c666b83e3e1789c2ef3f7935c327bd7555193e (after 1.3.6.3), which
introduced the concept of cloning blocks

and

407d7d9de7e9c4db1e4c1f5a1a98890f2474c477 (after 1.3.7.0), which
refactored the pblock to a tree-like structure.

It is not completely clear to me when exactly the vulnerability first
appeared, but it is almost certain that the Jessie version (1.3.3.5)
is not affected since affected concepts are not present at all.
parent 42841b83
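
The ownership pattern the commit message describes, as an added example that is not code from 389-ds-base or from this commit: a clone that copies the policy pointer and frees it unconditionally, beside a reference-counted variant. All type and function names are hypothetical, the counted variant is one possible hardening and not the upstream fix, and `policy_free` only counts calls so the demonstration itself stays well defined.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified model; not the real pblock or policy structures. */
typedef struct { int refs; int free_calls; } policy_t;
typedef struct { policy_t *pwpolicy; } block_t;

/* Stand-in for free(): records the attempt. The real free() is done once,
 * by the caller, after the count has been read. */
static void policy_free(policy_t *p) { p->free_calls++; }

static block_t block_new(void) {
    policy_t *p = calloc(1, sizeof *p);
    if (!p) abort();
    p->refs = 1;
    return (block_t){ p };
}

/* Flawed pattern: the clone copies the pointer and both blocks act as owner. */
static block_t clone_shallow(const block_t *src) { return (block_t){ src->pwpolicy }; }
static void done_unconditional(block_t *b) { policy_free(b->pwpolicy); b->pwpolicy = NULL; }

/* Hardened pattern: the policy is still shared, but each holder is counted
 * and only the last one to let go frees it. */
static block_t clone_counted(const block_t *src) {
    src->pwpolicy->refs++;
    return (block_t){ src->pwpolicy };
}
static void done_counted(block_t *b) {
    if (b->pwpolicy && --b->pwpolicy->refs == 0) policy_free(b->pwpolicy);
    b->pwpolicy = NULL;
}

/* Tears down the clone first, then the original, and returns how many times
 * the shared policy would have been handed to free(). */
static int free_calls_after_teardown(int counted) {
    block_t orig = block_new();
    policy_t *p = orig.pwpolicy;
    block_t clone = counted ? clone_counted(&orig) : clone_shallow(&orig);
    if (counted) { done_counted(&clone); done_counted(&orig); }
    else         { done_unconditional(&clone); done_unconditional(&orig); }
    int n = p->free_calls;
    free(p);
    return n;
}

int main(void) {
    printf("shallow clone: %d free() calls\n", free_calls_after_teardown(0));
    printf("counted clone: %d free() calls\n", free_calls_after_teardown(1));
    return 0;
}
```

A result above 1 for the shallow variant is the double free; building real teardown code with AddressSanitizer reports the same condition at the second `free()`.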