Mark CVE-2019-16866/unbound as not affected for stretch

It looks sufficiently clear that then as well 1.4.22-3+deb8u3 is not
affected, but I have not verified the code in that version for
util/data/msgparse.c.

The issue has been introduced upstream in the 1.7.1 version.

Details: https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt