Rebuild only affected pkgs by the CVE
An RHSA that addresses a specific advisory will contain RPM build(s)
for addressing a specific CVE. Freshmaker uses these RPM build(s) to
find out which images should be rebuilt. In some cases, additional
RPM build(s) are attached to RHSA. These are unrelated to the CVE.
With this change Freshmaker is going to rebuild only the affected
pkgs by the CVE, and not all the contained RPMs in the RHSA.
Signed-off-by: gnaponie <gnaponie@redhat.com>