As part of the System Penetration results, customer was advised that the versions of Apache and OpenSSL running on its EC2 instances bundled with RedHat Linux 8 are outdated and need to be updated to the latest version as they are vulnerable to several security vulnerabilities that might lead to system compromise according to penetration test outcomes. However, customer's Managed Service Partner advised that these versions that come with RedHat package updates are the latest ones that are compatible with the version of RedHat Kernel, and it would not be a good idea to manually upgrade these to the mainstream versions.
The customer would like to know the best way to resolve this issue?