Hello
We are using the following postgresql rpms, we download from https://yum.postgresql.org/9.6/redhat/rhel-6.6-x86_64/
postgresql96-libs-9.6.6-1PGDG.rhel6.x86_64
postgresql96-server-9.6.6-1PGDG.rhel6.x86_64
postgresql96-9.6.6-1PGDG.rhel6.x86_64
postgresql96-contrib-9.6.6-1PGDG.rhel6.x86_64
The following rpms does not have any vendor name. It is needed for the SVL (Software Vendor List)
(none),postgresql96,9.6.6
(none),postgresql96-contrib,9.6.6
(none),postgresql96-libs,9.6.6
(none),postgresql96-server,9.6.6
rpm -qi postgresql96
Name : postgresql96 Relocations: (not relocatable)
Version : 9.6.6 Vendor: (none)
Note that as part of our security process, it is needed to report all used 3PP in order to be informed automatically of any new vulnerability (CVE) . The database needs Vendor, Name and Version from the rpm as input and actually it is needed to add manually a Vendor for postgresql rpm before uploading the information otherwise the upload would failed.
Thanks!
Best Regards
Audrey