Hi Erez,
The whole point is that we shouldn't have to use a Mellanox supplied RPM for a package which is already in the official Red Hat channels.
The advice we got from our 3rd party supplier was to use yum-versionlock, which is rather avoiding the issue IMHO.
We've had problems with version locking RPMs in the past, as this can also prevent security errata being installed.