Customer wants to upgrade apache version ?

From time to time Avamar engineering will release a bundle of security updates for the Avamar DataStore Linux OS.  These have been tested and can be applied to an Avamar system.  No other patches or OS component upgrades should be installed on the system.

The first thing to do would be to make use of the Avamar downloader service to ensure that the system is fully patched with all the latest updates.

After this, if a customer still has a security concern check the following KB article

EMC83326 - Security Alert Master List (cust viewable)

If the vulnerability isn't listed there you can open a service request making sure to provide the following information

• Common Vulnerabilities and Exposures (CVE) identifier
• The vulnerability description

If a security scanner is being used, include:

• Scanning tool used, its version
• Vulnerability scan info
• Actual scan report
• The impact
• The affected systems
• Link to 3rd part vendor alert

Hope that helps..