Document sysutils/puppetserver* vulnerabilities.

PuppetServer bundles Bouncy Castle, so add affected ports to the Bouncy Castle
entry.

sysutils/puppetserver is EOL and will likely never get a fix;
sysutils/puppetserver5 may get fixed in a future release of the 5.x branch;
sysutils/puppetserver6 was fixed in the latest release.

With hat: puppet