Miscellaneous post-release tweaks

Since CVE-2023-50868 does not have a dedicated fix in BIND 9, mention its CVE identifier in the CHANGES entry for CVE-2023-50387 (KeyTrap), which accompanied the code change that addresses both of these vulnerabilities.

A release note for CVE-2023-50868 was not included in BIND 9.19.21, even though that vulnerability was already addressed in that release (by the fix for CVE-2023-50387). Retroactively add a relevant release note for BIND 9.19.21.

Fix a CHANGES entries numbering issue that was inadvertently introduced when change 6344 was backported. This makes the affected CHANGES numbers consistent across all branches and releases again.