Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderateman-in-the-middle

Scientific Linux: CVE-2010-2792 Moderate: qspice-client Security Issue

Moderate: qspice-client security update. Date: Wed, 25 Aug 2010 15:36:30 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Moderate: qspice-client on SL5.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Moderate: qspice-client security update Issue date: 2010-08-25 CVE Names: CVE-2010-2792 The qspice-client package provides the client side of the SPICE protocol. A race condition was found in the way the SPICE Mozilla Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an attacker-controlled socket, possibly gaining access to authentication details, or resulting in a man-in-the-middle attack on the SPICE connection. (CVE-2010-2792) NOTE: Because qspice-client was originally only x86_64, there are several dependencies for i386 going out with this errata. SL 5.x SRPMS: qspice-client-0.3.0-4.el5_5.src.rpm i386: qspice-client-0.3.0-4.el5_5.i386.rpm Dependancies: celt051-0.5.1.3-0.el5.i386.rpm celt051-devel-0.5.1.3-0.el5.i386.rpm log4cpp-1.0-9.el5.i386.rpm log4cpp-devel-1.0-9.el5.i386.rpm log4cpp-docs-1.0-9.el5.i386.rpm qcairo-1.8.7.1-3.el5.i386.rpm qcairo-devel-1.8.7.1-3.el5.i386.rpm qffmpeg-devel-0.4.9-0.15.20080908.el5.i386.rpm qffmpeg-devel-0.4.9-0.16.20080908.el5_5.i386.rpm qffmpeg-libs-0.4.9-0.15.20080908.el5.i386.rpm qffmpeg-libs-0.4.9-0.16.20080908.el5_5.i386.rpm qpixman-0.13.3-4.el5.i386.rpm qpixman-devel-0.13.3-4.el5.i386.rpm x86_64: qspice-client-0.3.0-4.el5_5.x86_64.rpm -Connie Sieh -Troy Dawson . A recent update to the qspice-client for Scientific Linux addresses a communication vulnerability that could allow for man-in-the-middle attacks.. Qspice Client, Scientific Linux, Communication Flaw, Security Update, Authentication Risk. . LinuxSecurity.com Team

Calendar 2 Aug 25, 2010 Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatupdate

RHEL 5: RHSA-2010:0632-03 Moderate: Qspice-Client Communication Flaw

An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: qspice-client security update Advisory ID: RHSA-2010:0632-03 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0632.html Issue date: 2010-08-25 CVE Names: CVE-2010-2792 ==================================================================== 1. Summary: An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor, or on Red Hat Enterprise Virtualization Hypervisor. The qspice-client package provides the client side of the SPICE protocol. A race condition was found in the way the SPICE Mozilla Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into communicating over an attacker-controlled socket, possibly gaining access to authentication details, or resulting in a man-in-the-middle attack on the SPICE connection. (CVE-2010-2792) Users of qspice-client should upgrade to this updated package, which contains a backported patch tocorrect this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: qspice-client-0.3.0-4.el5_5.i386.rpm qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm x86_64: qspice-client-0.3.0-4.el5_5.x86_64.rpm qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): Source: i386: qspice-client-0.3.0-4.el5_5.i386.rpm qspice-client-debuginfo-0.3.0-4.el5_5.i386.rpm x86_64: qspice-client-0.3.0-4.el5_5.x86_64.rpm qspice-client-debuginfo-0.3.0-4.el5_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-2792 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2010 Red Hat, Inc. . This bulletin addresses a significant security enhancement for the tool qspice-server, rectifying a transmission issue detailed in RHSA-2023:0451.. qspice-client update, RHEL advisory, Red Hat patch. . LinuxSecurity.com Team

Calendar 2 Aug 25, 2010 Red Hat
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here