| Package | apache2 |
|---|---|
| Version | 2.4.25-3+deb9u23 (stretch) |
| Related CVEs | CVE-2026-24072 CVE-2026-28780 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059 |
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in remote code execution, privilege escalation, denial of service or information disclosure.
For Debian 9 stretch, these problems have been fixed in version 2.4.25-3+deb9u23.
We recommend that you upgrade your apache2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.