diff --git a/.gitignore b/.gitignore
index a766dc5..4080a2c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,4 @@
 /keepalived-1.4.5.tar.gz
 /keepalived-2.0.5.tar.gz
 /keepalived-2.0.6.tar.gz
+/keepalived-2.0.10.tar.gz
diff --git a/keepalived.spec b/keepalived.spec
index 0a42cb9..1de2cd2 100644
--- a/keepalived.spec
+++ b/keepalived.spec
@@ -8,7 +8,7 @@
 
 Name: keepalived
 Summary: High Availability monitor built upon LVS, VRRP and service pollers
-Version: 2.0.6
+Version: 2.0.10
 Release: 1%{?dist}
 License: GPLv2+
 URL: http://www.keepalived.org/
@@ -96,6 +96,13 @@ mkdir -p %{buildroot}%{_libexecdir}/keepalived
 %{_mandir}/man8/keepalived.8*
 
 %changelog
+* Mon Nov 26 2018 Ryan O'Hara <rohara@redhat.com> - 2.0.10-1
+- Update to 2.0.10
+- Fix improper pathname validation (#1651864, CVE-2018-19044)
+- Fix insecure permissions when creating temporary files (#1651868, CVE-2018-19045)
+- Fix insecure use of temporary files (#1651870, CVE-2018-19046)
+- Fix buffer overflow when parsing HTTP status codes (#1651873, CVE-2018-19047)
+
 * Wed Jul 25 2018 Ryan O'Hara <rohara@redhat.com> - 2.0.6-1
 - Update to 2.0.6 (#1576138)
 
diff --git a/sources b/sources
index e043d10..5aaafd7 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (keepalived-2.0.6.tar.gz) = 9e340825b443c02ba1afe27d9ad97afc34722d80a27fc9a5f934157ec04ff15cef0a82b68c8917712415dc7ef079e27af88ac29a372ef42c87fcc9f9b8ab751e
+SHA512 (keepalived-2.0.10.tar.gz) = e76562e5d9d9dc945f0c9702f5f3c6be6acd8c66a59aea1f8287810a2eeb4c65b6cb7e1cd84c1e478978f7db94dba7f8a918ca4847f90a6554b20d757addd2db