Add CVE-2018-20573/yaml-cpp0.3

Note that the issue is somehow cowered, the crash2 does not trigger the
exact backtrage to verify the issue. The code looks though affected and
similar in both variants.

Keep an eye on upstream issue and the respective to be filled Debian bug
for updates from the respective maintainers in case this initial triage
was wrong.