Track the new 13 vulnerabilities in u-boot

Tracking as no-dsa because is mainly an issue when u-boot is configured
to use the network for fetching the next stage boot resources and this
probably should happen only in trusted environments.