Remove notes for CVE-2009-5146

Apparently the CVE was withdrawn by its CNA (Mitre or OpenSSL?) because
further investigation showed that it was not a security issue. This is
not entirely clear, because in the first place back then it was assigned
in https://www.openwall.com/lists/oss-security/2015/03/16/7 .

But given MITRE beeing the assigner and now withrawn it follow this
without raising the question to MITRE.