ELA-1765-1 apache2 security update

multiple vulnerabilities

2026-07-02
Packageapache2
Version2.4.25-3+deb9u25 (stretch)
Related CVEs CVE-2026-29167 CVE-2026-29170 CVE-2026-34355 CVE-2026-34356 CVE-2026-42535 CVE-2026-42536 CVE-2026-43951 CVE-2026-44119 CVE-2026-44185 CVE-2026-44186 CVE-2026-44631 CVE-2026-48913


Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in remote code execution, privilege escalation, denial of service or information disclosure.



For Debian 9 stretch, these problems have been fixed in version 2.4.25-3+deb9u25.

We recommend that you upgrade your apache2 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.