Distroless image incorrectly reporting DEB python as binary

[joshbressers]

The explanation below is based on the container image gcr.io/distroless/python3-debian11:debug

If we can this image with Syft, we see the following

bress@anchore ➜  ~ syft gcr.io/distroless/python3-debian11:debug
 ✔ Loaded image
 ✔ Parsed image
 ✔ Cataloged packages      [38 packages]

NAME                  VERSION                       TYPE
<skip things>
python                3.9.2                         binary
python3-distutils     3.9.2-1                       deb
python3.9-minimal     3.9.2-1                       deb

The binary python is being incorrectly identified, it's the same content as the python3.9-minimal packge.

Syft today looks in /var/lib/dpkg/info/NAME:ARCH.md5sums for file details for a given package.
https://github.com/anchore/syft/blob/main/syft/pkg/cataloger/deb/package.go#L181C14-L181C50
In this container image, the md5sums are not in /var/lib/dpkg/info but rather in /var/lib/dpkg/status.d

If we cat the file in the container

# cat /var/lib/dpkg/status.d/python3.9-minimal.md5sums
4b6a8db66faa09206d9234e9cf3021de  usr/bin/python3.9
aecc66187c97e76357534a91673393f3  usr/share/binfmts/python3.9
921e0b9696fd992507cd3d20f7a31770  usr/share/doc/python3.9-minimal/README.Debian.gz
d04f02cbd989cae518b47668060873e5  usr/share/doc/python3.9-minimal/changelog.Debian.gz
d8c47e21fcd8f5a22f90828d568b0084  usr/share/doc/python3.9-minimal/copyright
20f2c450cba1833f945ac22e669e62cb  usr/share/lintian/overrides/python3.9-minimal
ded171ec44eba4cd96494e9342cb126c  usr/share/man/man1/python3.9.1.gz

It appears we have to also look for package data in the status.d directory