Code review comment for ~eslerm/ubuntu-cve-tracker:select-reference-refresh

Marc, thanks for the feedback. They don't need to be added.

My plan was to exclude all other VDBs (like VulDB, Arch, Fedora, RedHat, SuSe etc)*, but kept Debian since we are based on them. And we have a large number of these links already in the UCT.

I don't mind dropping DSA/DLA additions. We could lint out existing VDB references in UCT.

*We cannot apply this exclusion to GHSAs. It doubles as a first and third party announcement.