[Apollo] Advisories Statistics light light Login

RLSA-2026:1509

Security Mirrored from RHSA-2026:1509
Issued at: 2026-01-30
Updated at: 2026-01-30

Synopsis

Important: spice-client-win security update



Description

Spice client MSI installers for Windows clients

Security Fix(es):

* libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins) (CVE-2025-14523)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2421349

CVEs

CVE-2025-14523

Affected packages

Rocky Linux 8 x86_64 - AppStream

spice-client-win-0:8.10-6.el8_10.1.src.rpm spice-client-win-x64-0:8.10-6.el8_10.1.noarch.rpm spice-client-win-x86-0:8.10-6.el8_10.1.noarch.rpm

Rocky Linux 8 aarch64 - AppStream

spice-client-win-0:8.10-6.el8_10.1.src.rpm spice-client-win-x64-0:8.10-6.el8_10.1.noarch.rpm spice-client-win-x86-0:8.10-6.el8_10.1.noarch.rpm