Re: Security Vulnerability on PostgreSQL VMs - Mailing list pgsql-general

From Magnus Hagander
Subject Re: Security Vulnerability on PostgreSQL VMs
Msg-id CABUevEy0nmNbAn=o1U5tFYOmbx5R99Zc6=ArRPMES8voCv=bEA@mail.gmail.com
In response to Security Vulnerability on PostgreSQL VMs  ("Hilbert, Karin" <ioh1@psu.edu>)
List pgsql-general
On Fri, Jul 17, 2020 at 5:44 PM Hilbert, Karin <ioh1@psu.edu> wrote:
> We have PostgreSQL v9.6 & also PostgreSQL v11.8 installed on various Linux VMs with Red Hat Enterprise Linux Server release 7.8 (Maipo) OS. We're also running repmgr v5.1.0 & PgBouncer v1.13.
>
> We're getting vulnerability reports from our Security Office for the following packages:
>  - python-pulp-agent-lib-2.13.4.16-1.el7sat
>  - python-gofer-2.12.5-5.el7sat
>
> For some reason these packages aren't being updated to the current versions & our Linux Admins haven't been able to resolve the update issue. It has something to do with a satellite? (I'm not a Linux Admin - I don't really know what they're talking about). Anyway, are these packages anything that would be required by PostgreSQL, repmgr or PgBouncer? It's nothing that I installed on the VMs - I assume that it's something installed along with the OS. The Linux Admin's recommendation is to just remove these packages.

They are not. They are part of Pulp, for example, but in particular they are part of Red Hat Satellite, which is probably why the package version has a name ending in "sat". So it would be something a Linux admin would put in there, not the DBA.

But to answer the question, no, they are not required by PostgreSQL, repmgr or PgBouncer.
