Skip to navigation

Security Advisory Moderate: glibc security and bug fix update

Advisory: RHSA-2012:1207-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-08-27
Last updated on: 2012-08-27
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2012-3480

Details

Updated glibc packages that fix multiple security issues and one bug are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function properly.

Multiple integer overflow flaws, leading to stack-based buffer overflows,
were found in glibc's functions for converting a string to a numeric
representation (strtod(), strtof(), and strtold()). If an application used
such a function on attacker controlled input, it could cause the
application to crash or, potentially, execute arbitrary code.
(CVE-2012-3480)

This update also fixes the following bug:

* Previously, logic errors in various mathematical functions, including
exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused inconsistent
results when the functions were used with the non-default rounding mode.
This could also cause applications to crash in some cases. With this
update, the functions now give correct results across the four different
rounding modes. (BZ#839411)

All users of glibc are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
glibc-2.5-81.el5_8.7.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: f09c6a0634bc202ccc2f5f9d2da2c51a
SHA-256: 5856703f0d2295efa98b8a6112138e9a49d196edcaedce46fc2bfadcf5179a06
 
IA-32:
glibc-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4977b16e34044a35276a3f5a803c157b
SHA-256: 8648ab46c03e466b4ecb89976a87e5401811c6f9658047898b7de4c8426720aa
glibc-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3e3f92eed58e0d58dad69454c1516b57
SHA-256: 1f84d97549f249679e751b38ee0fa4a75b2939f09ddf863437fb8ee18bbb8604
glibc-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: d722ea60273b4b99ffaf5be97b11b637
SHA-256: 0c76be3243655630fba1b1bc639074a2110cbf89609d41888b54c5ec92003960
glibc-debuginfo-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 79f859154d41e3a8d7f3fda9d3746a57
SHA-256: d9f46732baffad83bc0bf836ebe1632ac6a47c16cc8b799cf5a31251d7ecc274
glibc-debuginfo-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: d377872ddc8906f7c82d82da76e03ef4
SHA-256: c125c94929fa87a4067b3a84e21e4d98015b435fb22e08356c30559331fe099e
glibc-debuginfo-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2ac7a69dfde2d7b93e33bc677931b2c6
SHA-256: d171708d88bae1f6dbfac788c39db406ceca21c4584ba6c2bbad2d7b377e8519
glibc-devel-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: e5a54b589bddf91de2fdba8c4e01a996
SHA-256: 0845f36553dc5c11187b1633c03ebfa1bab4737e6a380fb0e3519ebeefab97f0
glibc-headers-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6c2c195cda140426c808537a7c4ea7cb
SHA-256: fda287f539f90d59a67c3db904d5a09a9d3de2506dd47d5ee8b728715bbbe79e
glibc-utils-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: ef7ccfd511ea7a42f052037d26eaa0cd
SHA-256: 078be2474a9bf279cc44588d48c76eb2b574ec9856cd2ca611ae827822850b75
nscd-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: b75fdc896087a25614c9e099320bea53
SHA-256: 7fc817ea3fdb18819a005082e163e2e90f2067eae56d452695e87a7e0f6ef485
 
IA-64:
glibc-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3e3f92eed58e0d58dad69454c1516b57
SHA-256: 1f84d97549f249679e751b38ee0fa4a75b2939f09ddf863437fb8ee18bbb8604
glibc-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 03e27078830e7c65538d55a10d74565f
SHA-256: ca694f3484ab3ddf1c543f7702136c119b7c32813955404c5db2138ced9ec344
glibc-common-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 46fc058c9a17e76e1a3e111c4be423cb
SHA-256: 815aaa9bc144607d88716dda344adea323b29c68e44766aed43d1da17d09f388
glibc-debuginfo-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: d377872ddc8906f7c82d82da76e03ef4
SHA-256: c125c94929fa87a4067b3a84e21e4d98015b435fb22e08356c30559331fe099e
glibc-debuginfo-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: cfb5ab68ebf3749c83c27d6ed1b3d4fc
SHA-256: fd1a3a1c4615c27a5d1471a5cac6720f6ef15e2e7a4997a997d8210c75f417cc
glibc-devel-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 59daf3423bd582747cc8354c0d398a31
SHA-256: 77d7faf90193ae06c8a2de9348b257e429c5f4189964f252b9e9dc98e65b11a7
glibc-headers-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3804fbfc20d9369709c4e6b869990745
SHA-256: 9e48ec032c01beacd1bdb9e7036f02efe3e0b2473e5551de3cec4a89c43db0f8
glibc-utils-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e42642958db8c265069ae5996662d4bf
SHA-256: 4c2983a99aa4edf7fb39e0733e675f68204cdfd29c3b22b77799b581eb05da9c
nscd-2.5-81.el5_8.7.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: d623edf58151011d3389860039dc0fae
SHA-256: ce2569e413323271fa5ced33c37ccb5a373b08a73e608a43793da121be8e12f5
 
PPC:
glibc-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 575ff2da619683a5cb05145f59114c88
SHA-256: c7634ed00ec5ef935b0ad6d24b8b479b8edf28af105d469e0c96cddb92b00ed8
glibc-2.5-81.el5_8.7.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 385941201f6f0feaf25e9931ed1b66d9
SHA-256: 8cd80294c4f95a31a9838c5e3ec89da1e7a92fce9bb53279c16f4d75ea567b4c
glibc-common-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: d81f954d6f3d17916dd94bf2b24f0059
SHA-256: 01698ba4cfebab9edee3baa51d405181d2234681b4146a8af109fa2c68a2a433
glibc-debuginfo-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: f88241c0c136b4a8b032be86b528c59b
SHA-256: 9e4e7541617a03b9a5e8eadd07847a7d7fc1ed42f3139919a6c2b52cffe4428c
glibc-debuginfo-2.5-81.el5_8.7.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: fd10433d49fb11bc48282d7d76d4a1af
SHA-256: f2a1ff8591d2a4c085ea06e410149549f7d10781c9d89f6a7f1581ff9c13c75e
glibc-devel-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: bd24262ced51b18a93ae41179ef40dd1
SHA-256: 33eee91e7c06c6957ee72eceef53ce1c936d310bb5570e0f1d0abedf41ea06e4
glibc-devel-2.5-81.el5_8.7.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bd90cbd67dc0f0bea16152913c5ee7f5
SHA-256: d65ef8168ec45a961683413d06510f04cb6d2300ec2af6aebc7e223366a8df40
glibc-headers-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 202b3e67ddedbdd0a9a744df02e8c5e3
SHA-256: 39eab06b69722776b78ddd00a88e5ab92f8303b019c75b4204c1d701842f033d
glibc-utils-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 13a8d707884545eac30dd25e0bbb9cbe
SHA-256: 7ec42f28a18ced093c05df28855b42e6b5ec67777fc3686e8f5d0d0bd9c8ebcc
nscd-2.5-81.el5_8.7.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3dc39a2aa09050915d23b636758762f4
SHA-256: df00b27e0b4e9cf24132c3c34bc6ae08bdd6bb9929d0011f130bdec81b32d325
 
s390x:
glibc-2.5-81.el5_8.7.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: 0ba5e4599e9bdf52e18a8d66fc317468
SHA-256: 022751c790ffbc927974244aa3df48881d27f641ec87e9dce01a6278ea1cbac3
glibc-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6106326059f5ee5e526aa13580a8ba29
SHA-256: dbf6d63135393ef1b86d2faf41d027871f6b19f15b98b2097e3b374c48268464
glibc-common-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6f228961f264429e934eb7ec075692db
SHA-256: 0d6d4d7989c6ae1678a2d0d69c635ec7f3bb31e81ee49856bab2f3a245b9875a
glibc-debuginfo-2.5-81.el5_8.7.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: 04b48492715c84bd0f6b785f987d84c8
SHA-256: 8491111df567309daa8cfb717d6b3d3a3fddc61b5d346d44ac6c347b1998c4ce
glibc-debuginfo-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 54093090c69cd00fb7a3590c007c2698
SHA-256: 3bb4d74b91a91302ce647cb3f8c518b0fa1f772ff5c1eefcc6f65353c9843a75
glibc-devel-2.5-81.el5_8.7.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: a6e5b634e4daf3f166cf311f1adb347d
SHA-256: d850b54c45d3990c108bf7986ce9e7a45fa005ffe88678d5c2c40ec59b1c9263
glibc-devel-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: c4699e044e0314910351c7de70f6da04
SHA-256: 58ed7fb95fac7d76c65959e16abd3a81df6411c86e4b6442bf9223faf8e50f5e
glibc-headers-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: ed2d68b7d9973c7642073c16428b71b6
SHA-256: 657e59a64473460f57fff3ec47dad4be74d9cadaab53a7df0d7175aa72821d67
glibc-utils-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 50ed510b919c6d9d0d408120f62a2e34
SHA-256: 98920e6f0f7dbab3234356be176e968ed613ef36023a88e0b8b8888c302cb912
nscd-2.5-81.el5_8.7.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 5d6011c13fa6dfdb590a6e2e15767dc3
SHA-256: 55d23714cdc14ccf0b5d02ab17d2b6da0acfb20e713d0b7aaf08637e48e00b7e
 
x86_64:
glibc-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3e3f92eed58e0d58dad69454c1516b57
SHA-256: 1f84d97549f249679e751b38ee0fa4a75b2939f09ddf863437fb8ee18bbb8604
glibc-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e1bcc98dc74af2259868e6f0659edd6d
SHA-256: 742f1151d0d3c2facec5e589dd93beae16544d0dd128feec4c525b0cc5903e24
glibc-common-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e31cf6987e0f9ca71e93e26d228fca2b
SHA-256: 769a5ab65394a46215d838e9492e153b02227878ce6177f4edfde441a0d470be
glibc-debuginfo-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 79f859154d41e3a8d7f3fda9d3746a57
SHA-256: d9f46732baffad83bc0bf836ebe1632ac6a47c16cc8b799cf5a31251d7ecc274
glibc-debuginfo-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: d377872ddc8906f7c82d82da76e03ef4
SHA-256: c125c94929fa87a4067b3a84e21e4d98015b435fb22e08356c30559331fe099e
glibc-debuginfo-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: ba0b476e2d7e60416a7bcf6ce886dd56
SHA-256: 9e573f2ba16d452cb8d1acc532e14e2fcb5a6e9d38d8da896c00cf6fc1b1c241
glibc-debuginfo-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2ac7a69dfde2d7b93e33bc677931b2c6
SHA-256: d171708d88bae1f6dbfac788c39db406ceca21c4584ba6c2bbad2d7b377e8519
glibc-devel-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: e5a54b589bddf91de2fdba8c4e01a996
SHA-256: 0845f36553dc5c11187b1633c03ebfa1bab4737e6a380fb0e3519ebeefab97f0
glibc-devel-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 603b2b0c4cc11659ee4d55ef16ef10a7
SHA-256: a8f2bd3b2fe613e6536ce262efac5b8d79b526ca8e766d1e984207b0cfe96941
glibc-headers-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 831d8bf21890a9f44e15050a263dd5c2
SHA-256: 38269213725b10650f87c84e921adf163e7ca07bac024c7f60627ae4b07f4fa2
glibc-utils-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bacaa2dfe8e847472efa28bb40a0092b
SHA-256: e6fa155fc48caead286b757c2922522141ab916d1d77281d8bf156c139979f5d
nscd-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: b83c5b2a73d9eb7029daacca52efd205
SHA-256: e10ccf559518264a07029e7bf95955e012048bcc9cde629c117b9ed2f3541db9
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
glibc-2.5-81.el5_8.7.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: f09c6a0634bc202ccc2f5f9d2da2c51a
SHA-256: 5856703f0d2295efa98b8a6112138e9a49d196edcaedce46fc2bfadcf5179a06
 
IA-32:
glibc-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4977b16e34044a35276a3f5a803c157b
SHA-256: 8648ab46c03e466b4ecb89976a87e5401811c6f9658047898b7de4c8426720aa
glibc-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3e3f92eed58e0d58dad69454c1516b57
SHA-256: 1f84d97549f249679e751b38ee0fa4a75b2939f09ddf863437fb8ee18bbb8604
glibc-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: d722ea60273b4b99ffaf5be97b11b637
SHA-256: 0c76be3243655630fba1b1bc639074a2110cbf89609d41888b54c5ec92003960
glibc-debuginfo-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 79f859154d41e3a8d7f3fda9d3746a57
SHA-256: d9f46732baffad83bc0bf836ebe1632ac6a47c16cc8b799cf5a31251d7ecc274
glibc-debuginfo-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: d377872ddc8906f7c82d82da76e03ef4
SHA-256: c125c94929fa87a4067b3a84e21e4d98015b435fb22e08356c30559331fe099e
glibc-debuginfo-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2ac7a69dfde2d7b93e33bc677931b2c6
SHA-256: d171708d88bae1f6dbfac788c39db406ceca21c4584ba6c2bbad2d7b377e8519
glibc-devel-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: e5a54b589bddf91de2fdba8c4e01a996
SHA-256: 0845f36553dc5c11187b1633c03ebfa1bab4737e6a380fb0e3519ebeefab97f0
glibc-headers-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 6c2c195cda140426c808537a7c4ea7cb
SHA-256: fda287f539f90d59a67c3db904d5a09a9d3de2506dd47d5ee8b728715bbbe79e
glibc-utils-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: ef7ccfd511ea7a42f052037d26eaa0cd
SHA-256: 078be2474a9bf279cc44588d48c76eb2b574ec9856cd2ca611ae827822850b75
nscd-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: b75fdc896087a25614c9e099320bea53
SHA-256: 7fc817ea3fdb18819a005082e163e2e90f2067eae56d452695e87a7e0f6ef485
 
x86_64:
glibc-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3e3f92eed58e0d58dad69454c1516b57
SHA-256: 1f84d97549f249679e751b38ee0fa4a75b2939f09ddf863437fb8ee18bbb8604
glibc-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e1bcc98dc74af2259868e6f0659edd6d
SHA-256: 742f1151d0d3c2facec5e589dd93beae16544d0dd128feec4c525b0cc5903e24
glibc-common-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e31cf6987e0f9ca71e93e26d228fca2b
SHA-256: 769a5ab65394a46215d838e9492e153b02227878ce6177f4edfde441a0d470be
glibc-debuginfo-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 79f859154d41e3a8d7f3fda9d3746a57
SHA-256: d9f46732baffad83bc0bf836ebe1632ac6a47c16cc8b799cf5a31251d7ecc274
glibc-debuginfo-2.5-81.el5_8.7.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: d377872ddc8906f7c82d82da76e03ef4
SHA-256: c125c94929fa87a4067b3a84e21e4d98015b435fb22e08356c30559331fe099e
glibc-debuginfo-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: ba0b476e2d7e60416a7bcf6ce886dd56
SHA-256: 9e573f2ba16d452cb8d1acc532e14e2fcb5a6e9d38d8da896c00cf6fc1b1c241
glibc-debuginfo-common-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2ac7a69dfde2d7b93e33bc677931b2c6
SHA-256: d171708d88bae1f6dbfac788c39db406ceca21c4584ba6c2bbad2d7b377e8519
glibc-devel-2.5-81.el5_8.7.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: e5a54b589bddf91de2fdba8c4e01a996
SHA-256: 0845f36553dc5c11187b1633c03ebfa1bab4737e6a380fb0e3519ebeefab97f0
glibc-devel-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 603b2b0c4cc11659ee4d55ef16ef10a7
SHA-256: a8f2bd3b2fe613e6536ce262efac5b8d79b526ca8e766d1e984207b0cfe96941
glibc-headers-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 831d8bf21890a9f44e15050a263dd5c2
SHA-256: 38269213725b10650f87c84e921adf163e7ca07bac024c7f60627ae4b07f4fa2
glibc-utils-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bacaa2dfe8e847472efa28bb40a0092b
SHA-256: e6fa155fc48caead286b757c2922522141ab916d1d77281d8bf156c139979f5d
nscd-2.5-81.el5_8.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: b83c5b2a73d9eb7029daacca52efd205
SHA-256: e10ccf559518264a07029e7bf95955e012048bcc9cde629c117b9ed2f3541db9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

847715 - CVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/