Skip to main content

Manage Operating System Vulnerabilities and Package Upgrades

Updated today

Overview

You can manage and remediate OS vulnerabilities for your backup infrastructure directly from the Management Console. You can view the current patch status and upgrade necessary OS packages on the host OS to fix identified vulnerabilities for the official VMware Backup Proxies, Oracle PBS, and TurboTier.

You can choose to manage it at a centralized level for a unified view across all eligible workloads, or at the individual workload level for specific proxies or cache devices.

❗Important

Ensure outbound access to ubuntu.com in your firewall or proxy settings to prevent service interruption.

Agents & Proxies Page

You can upgrade OS packages for VMware, Oracle PBS, and TurboTier, you can use the Agents and Proxies page.

The Vulnerabilities Fixed Up To column uses specific icons to denote status:

  • Green Checkmark: OS packages are fully up to date.

  • Yellow Up Arrow: An upgrade is available (a newer patch level exists).

  • N.A. (Gray Circle): Not applicable (e.g., Windows OS).

Upgrade

You can trigger an update to fix OS vulnerabilities when new patches are available.

  1. Navigate to Agents and Proxies > select your workload (TurboTier / Oracle PBS / VMware).

  2. Select the instance for which you want to fix the vulnerabilities.

  3. Click Upgrade and select Fix OS Vulnerabilities.

    Note: The system will validate eligibility. If some agents/proxies are ineligible, a dialog will list them, allowing you to proceed with the remaining valid proxies.

Once the process is complete, the Vulnerabilities Fixed Upto column will update to reflect the latest timestamp.

VMware Backup Proxies

View Vulnerability Status

  1. Navigate to VMware > Backup Proxies.

  2. Locate the column Vulnerabilities Fixed Up To.

    • Timestamp (e.g., Oct 1, 2024): Indicates that OS packages are updated to fix vulnerabilities through security patches that are available in the Ubuntu archives on this specific date.

    • N.A.: Vulnerability information is not applicable (usually due to unsupported OS, non-upgraded agents, or virtual machines that are not deployed using Druva provided OVA files).

Fix OS Vulnerabilities

You can trigger an update to fix OS vulnerabilities when new patches are available.

  1. On the Backup Proxies page, select the check box next to the proxies you wish to upgrade.

  2. Click the Upgrade dropdown menu.

  3. Select Fix OS Vulnerabilities.

Note: The system will validate eligibility. If some proxies are ineligible, a dialog will list them, allowing you to proceed with the remaining valid proxies.

Oracle PBS

You can view the status of operating system security patches and apply available fixes to your Phoenix Backup Stores directly from the Management Console.

View Vulnerability Status

The Phoenix Backup Stores page provides visibility into the current patch level of your configured stores.

  • Locate the column Vulnerabilities Fixed Up To.

    • Timestamp (e.g., Oct 1, 2024): Indicates that OS packages are updated to fix vulnerabilities through security patches that are available in the Ubuntu archives on this specific date.

    • N.A.: Vulnerability information is not applicable (usually due to unsupported OS, non-upgraded agents, or virtual machines that are not deployed using Druva provided OVA files).

Fix OS Vulnerabilities

You can trigger an update to fix OS vulnerabilities when new patches are available.

  1. Log in to the Management Console.

  2. Navigate to Enterprise Workloads > Phoenix Backup Stores.

  3. Select the check box next to the backup store you want to update.

  4. Click the More options icon (three vertical dots) in the action bar.

  5. Select Fix OS Vulnerabilities from the dropdown menu.

    Note: The system will validate eligibility. If some agents are ineligible, a dialog will list them, allowing you to proceed with the remaining valid agents.

Once the process is complete, the Vulnerabilities Fixed Upto column will update to reflect the latest timestamp.

TurboTier

Prerequisites

  • Operating System: This feature is available only for Linux-based TurboTier deployed using OVA template. It is not available for Windows TurboTier.

View Vulnerability Status

You can view the status in two locations:

  1. List View: Navigate to TurboTier > Configured tab and check the Vulnerabilities Fixed Up To column.

  2. Overview Page: Click on a specific TurboTier device name and look for the Vulnerabilities Fixed Up To field in the Summary widget.

Upgrade OS Packages

You can trigger an update to fix OS vulnerabilities when new patches are available.

  • From List View: Select the check box for the Linux TurboTier device(s), click Upgrade, and select Fix OS Vulnerabilities.

  • From Overview Page: Click the More options (kebab menu) in the top right corner and select Fix OS Vulnerabilities.

Note: The system will validate eligibility. If some agents are ineligible, a dialog will list them, allowing you to proceed with the remaining valid agents.

Once the process is complete, the Vulnerabilities Fixed Upto column will update to reflect the latest timestamp.

Troubleshooting & Limitations

If the upgrade fails or the status is "N.A.", check for the following:

  • Outdated Agent/Proxy Version: The current version does not support this feature.

  • Deployment Method: The proxy must not have been deployed using the official OVA template.

  • Unsupported OS: Remote package updates are not supported for the host OS version. Ensure that the OS version is supported by Druva.

Related Articles
Enterprise Workloads EOS policy
How to upgrade VMware backup proxy
Log locations on VMware Backup Proxy and Linux TurboTier
System requirements for TurboTier
How to fix detected vulnerabilities on VMware backup proxy
Did this answer your question?