Find out which pkgs in the advisory fix the CVE
An RHSA that addresses a specific advisory will contain RPM build(s)
for addressing a specific CVE. Freshmaker uses these RPM build(s) to
find out which images should be rebuilt. In some cases, additional
RPM build(s) are attached to RHSA. These are unrelated to the CVE.
With this change Freshmaker is going to find out which are the pkgs
in the advisory actually fix the CVE.
Signed-off-by: gnaponie <gnaponie@redhat.com>