Mark open ceph issues as no-dsa for Jessie.

This can only be fixed by making rather intrusive code changes. In addition
two issues require an authenticated user to exploit the vulnerability. Ceph is
also not used by any sponsor.