Critical: java-1.6.0-openjdk security update
| Advisory: | RHSA-2012:1221-1 |
|---|---|
| Type: | Security Advisory |
| Severity: | Critical |
| Issued on: | 2012-09-03 |
| Last updated on: | 2012-09-03 |
| Affected Products: | Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Server EUS (v. 6.3.z), Red Hat Enterprise Linux Workstation (v. 6) |
| CVEs (cve.mitre.org): | CVE-2012-0547, CVE-2012-1682 |
Details
Updated java-1.6.0-openjdk packages that fix two security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

It was discovered that the Beans component in OpenJDK did not perform
permission checks properly. An untrusted Java application or applet could
use this flaw to use classes from restricted packages, allowing it to
bypass Java sandbox restrictions. (CVE-2012-1682)

A hardening fix was applied to the AWT component in OpenJDK, removing
functionality from the restricted SunToolkit class that was used in
combination with other flaws to bypass Java sandbox restrictions.
(CVE-2012-0547)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

This erratum also upgrades the OpenJDK package to IcedTea6 1.11.4. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
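
The restart requirement above can be checked from /proc: once an upgrade replaces libjvm.so, a JVM started earlier still maps the old file, which the kernel lists with a trailing "(deleted)". The script below is an added example, not part of the Red Hat advisory; the sample tree, PIDs and library path are constructed, and matching on the file name libjvm.so is an assumption about the host's JVM layout.

```shell
#!/bin/sh
# Added example: find JVMs still running the pre-update libjvm.so.
# When a package upgrade replaces a mapped library, /proc/<pid>/maps shows the
# old file with a trailing "(deleted)" until the process is restarted.

# stale_jvm_pids [PROC_ROOT]  -> prints matching PIDs, one per line, sorted.
stale_jvm_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue      # unreadable, or the process is gone
        # maps columns: address perms offset dev inode pathname [(deleted)]
        if awk '$6 ~ /\/libjvm\.so$/ && $7 == "(deleted)" { hit = 1 }
                END { exit !hit }' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done | sort -n
}

# make_sample_proc -> builds a CONSTRUCTED /proc-like tree and prints its path.
# The library path and PIDs are hypothetical sample values.
make_sample_proc() {
    root=$(mktemp -d) || return 1
    lib=/usr/lib/jvm/example-jre/lib/amd64/server/libjvm.so
    mkdir "$root/431" "$root/1203" "$root/2977"
    # 431: JVM started before the update (old file, now unlinked)
    printf '%s\n' \
        "00400000-00409000 r-xp 00000000 fd:00 131 /usr/bin/java" \
        "7f1c2a000000-7f1c2a8f0000 r-xp 00000000 fd:00 9001 $lib (deleted)" \
        > "$root/431/maps"
    # 1203: JVM started after the update (maps the current file)
    printf '%s\n' \
        "7f55b0000000-7f55b08f4000 r-xp 00000000 fd:00 9412 $lib" \
        > "$root/1203/maps"
    # 2977: not a JVM, but holds some other deleted file
    printf '%s\n' \
        "7f0a10000000-7f0a10010000 rw-s 00000000 00:05 77 /tmp/cache.bin (deleted)" \
        > "$root/2977/maps"
    echo "$root"
}

sample=$(make_sample_proc)
stale_jvm_pids "$sample"        # on a real host: stale_jvm_pids (run as root)
rm -rf "$sample"
```

Run as root on a real host so that the maps files of other users' processes are readable; any PID it prints belongs to a JVM that has not picked up the updated packages.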
Solution
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Updated packages
| Red Hat Enterprise Linux Desktop (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux HPC Node (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux Server (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux Server EUS (v. 6.3.z) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0273 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0273 |
| Red Hat Enterprise Linux Workstation (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)
853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)
References
https://www.redhat.com/security/data/cve/CVE-2012-1682.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.4/NEWS
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/