Add source package tracking for CVE-2018-11802

Mark it as undetermined, as unclear if it affects as well the ancient
version in Debian. It is know that 6.x and 7.x is affected.