Revert "change CVE-2019-9917 from no-dsa to not-affected"

This reverts commit 1b37dc55.

See commit 8014e6ca . The issue was
confirmed by upstream to affect the version in jessie. The fix is though
just to intrusive to backport and was thus marked no-dsa.

It might be set to 'ignored' since it would be unlikely to find a proper
solution for the jessie version.