Red Hat backports fixes and keep package versions as they are. At times, security scanners are not smart enough to know that. They’d complain the packages are out of date. Making it worse, apache 2.2 has reached EOL since 2018. And even though openssh is now on version 8.2, one will still find version 5.3 on EL6 systems.

Upgrading EL is not an easy task like Ubuntu. One will most likely need to build a new system and migrate things over. If that is an issue for you, install my repo and yum-plugin-priorities. Then install or update httpd-2.2.34 with yum.

While this gives you the very last version of apache 2.2, you may be asked to upgrade to apache 2.4. That’s a different game. IUS and SCL offer apache 2.4. Problem is, IUS’s apache does not work with php in the same repo. Their php are built to work with apache 2.2. So as Remi’s. SCL’s httpd24 and php work together, but they put files under a completely different location. And they stop making php packages at version 7.0, which is EOL.

It’s a mess. Migrate to FPM if you can.

Use the packages at your own risk. I cannot promise future updates. Your best option is to migrate to newer OS and rely on updates from the official distro.