Red Hat Customer Portal

Skip to main content

Security Advisory Critical: java-1.7.0-openjdk security update

Advisory: RHSA-2016:0053-1
Type: Security Advisory
Severity: Critical
Issued on: 2016-01-21
Last updated on: 2016-01-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.7.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2015-4871
CVE-2015-7575
CVE-2016-0402
CVE-2016-0448
CVE-2016-0466
CVE-2016-0483
CVE-2016-0494

Details

Updated java-1.7.0-openjdk packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
Environment and the OpenJDK 7 Java Software Development Kit.

An out-of-bounds write flaw was found in the JPEG image format decoder in
the AWT component in OpenJDK. A specially crafted JPEG image could cause
a Java application to crash or, possibly execute arbitrary code. An
untrusted Java application or applet could use this flaw to bypass Java
sandbox restrictions. (CVE-2016-0483)

An integer signedness issue was found in the font parsing code in the 2D
component in OpenJDK. A specially crafted font file could possibly cause
the Java Virtual Machine to execute arbitrary code, allowing an untrusted
Java application or applet to bypass Java sandbox restrictions.
(CVE-2016-0494)

It was discovered that the JAXP component in OpenJDK did not properly
enforce the totalEntitySizeLimit limit. An attacker able to make a Java
application process a specially crafted XML file could use this flaw to
make the application consume an excessive amount of memory. (CVE-2016-0466)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for
signing ServerKeyExchange and Client Authentication packets during a TLS
handshake. A man-in-the-middle attacker able to force a TLS connection to
use the MD5 hash function could use this flaw to conduct collision attacks
to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)

Multiple flaws were discovered in the Libraries, Networking, and JMX
components in OpenJDK. An untrusted Java application or applet could use
these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871,
CVE-2016-0402, CVE-2016-0448)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

Note: This update also disallows the use of the MD5 hash algorithm in the
certification path processing. The use of MD5 can be re-enabled by removing
MD5 from the jdk.certpath.disabledAlgorithms security property defined in
the java.security file.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
File outdated by:  RHBA-2016:1005
    MD5: 85aa69ee1a47e7871e16e632ef97fe62
SHA-256: 93c91ccc124e5d35fee8c80867c94b03a2d9b0ac9315385f6356aa3a6120dbda
 
IA-32:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: cbf5602cfff0f03f9c77a6827ae434d5
SHA-256: 0b2e252f1fa0d888e036bf4a8dbe955e06a496a40b3f98c3217440523cddde79
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: dddf49a1f0872c337e62c66bf4587acd
SHA-256: 824054685b4c64508081434b0a171c0fe7ce935c2756b2751a872a59b79a3490
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 78e52cde333534f1d847e17af32c5d17
SHA-256: 31437dfa4776c9e42900115eba058f11761852d8c52174ec7cab8ab310cadea6
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: f76383f66dd9ac5f2781e23a05445658
SHA-256: b9be5a0c97e2b406690d98898d60da28c8e95f54ad6f8912bfdbe999019359ba
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1c2dabb9d19ecea1f77b3b82ce6f3768
SHA-256: ab5dd9a7b7287ad4c201eca78073dca0d6b1453ec07e8f3a197f974abb9265d6
 
x86_64:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1a435fa6937ed6da0012af16db85e9bc
SHA-256: c5434affcf4e000084b0085526c1348d9dd21569d4505c47147decb1e7eb072b
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: e7399c4d115e45bc843708ea9e08e9d1
SHA-256: 537ec30df916c20ba3add1cad6e97f329ed2cca29f8516145523d3d877eee9a0
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: b9742c955b8479520170c9f9224fb250
SHA-256: 406e14a77f7af544c7c43cb01b06fa57da67d327be19590601730cb9490f3bb0
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 8b12a1af876a975d3bae16ff344c6b8f
SHA-256: 52080b262a295a94fa2401d4e5a150492690e840dd28a8e28eb753c043d241b9
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: ad4d77f52154a67e8277d7dbb1c9fee1
SHA-256: deef709133c3127ac2a0e04db756572d49649f5d56ae4ebeebbc1b20be1346c6
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
File outdated by:  RHBA-2016:1005
    MD5: 85aa69ee1a47e7871e16e632ef97fe62
SHA-256: 93c91ccc124e5d35fee8c80867c94b03a2d9b0ac9315385f6356aa3a6120dbda
 
x86_64:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1a435fa6937ed6da0012af16db85e9bc
SHA-256: c5434affcf4e000084b0085526c1348d9dd21569d4505c47147decb1e7eb072b
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: e7399c4d115e45bc843708ea9e08e9d1
SHA-256: 537ec30df916c20ba3add1cad6e97f329ed2cca29f8516145523d3d877eee9a0
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: b9742c955b8479520170c9f9224fb250
SHA-256: 406e14a77f7af544c7c43cb01b06fa57da67d327be19590601730cb9490f3bb0
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 8b12a1af876a975d3bae16ff344c6b8f
SHA-256: 52080b262a295a94fa2401d4e5a150492690e840dd28a8e28eb753c043d241b9
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: ad4d77f52154a67e8277d7dbb1c9fee1
SHA-256: deef709133c3127ac2a0e04db756572d49649f5d56ae4ebeebbc1b20be1346c6
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
File outdated by:  RHBA-2016:1005
    MD5: 85aa69ee1a47e7871e16e632ef97fe62
SHA-256: 93c91ccc124e5d35fee8c80867c94b03a2d9b0ac9315385f6356aa3a6120dbda
 
IA-32:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: cbf5602cfff0f03f9c77a6827ae434d5
SHA-256: 0b2e252f1fa0d888e036bf4a8dbe955e06a496a40b3f98c3217440523cddde79
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: dddf49a1f0872c337e62c66bf4587acd
SHA-256: 824054685b4c64508081434b0a171c0fe7ce935c2756b2751a872a59b79a3490
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 78e52cde333534f1d847e17af32c5d17
SHA-256: 31437dfa4776c9e42900115eba058f11761852d8c52174ec7cab8ab310cadea6
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: f76383f66dd9ac5f2781e23a05445658
SHA-256: b9be5a0c97e2b406690d98898d60da28c8e95f54ad6f8912bfdbe999019359ba
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1c2dabb9d19ecea1f77b3b82ce6f3768
SHA-256: ab5dd9a7b7287ad4c201eca78073dca0d6b1453ec07e8f3a197f974abb9265d6
 
x86_64:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1a435fa6937ed6da0012af16db85e9bc
SHA-256: c5434affcf4e000084b0085526c1348d9dd21569d4505c47147decb1e7eb072b
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: e7399c4d115e45bc843708ea9e08e9d1
SHA-256: 537ec30df916c20ba3add1cad6e97f329ed2cca29f8516145523d3d877eee9a0
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: b9742c955b8479520170c9f9224fb250
SHA-256: 406e14a77f7af544c7c43cb01b06fa57da67d327be19590601730cb9490f3bb0
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 8b12a1af876a975d3bae16ff344c6b8f
SHA-256: 52080b262a295a94fa2401d4e5a150492690e840dd28a8e28eb753c043d241b9
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: ad4d77f52154a67e8277d7dbb1c9fee1
SHA-256: deef709133c3127ac2a0e04db756572d49649f5d56ae4ebeebbc1b20be1346c6
 
Red Hat Enterprise Linux Server EUS (v. 6.7.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
File outdated by:  RHBA-2016:1005
    MD5: 85aa69ee1a47e7871e16e632ef97fe62
SHA-256: 93c91ccc124e5d35fee8c80867c94b03a2d9b0ac9315385f6356aa3a6120dbda
 
IA-32:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHSA-2016:0675
    MD5: cbf5602cfff0f03f9c77a6827ae434d5
SHA-256: 0b2e252f1fa0d888e036bf4a8dbe955e06a496a40b3f98c3217440523cddde79
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHSA-2016:0675
    MD5: dddf49a1f0872c337e62c66bf4587acd
SHA-256: 824054685b4c64508081434b0a171c0fe7ce935c2756b2751a872a59b79a3490
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHSA-2016:0675
    MD5: 78e52cde333534f1d847e17af32c5d17
SHA-256: 31437dfa4776c9e42900115eba058f11761852d8c52174ec7cab8ab310cadea6
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHSA-2016:0675
    MD5: f76383f66dd9ac5f2781e23a05445658
SHA-256: b9be5a0c97e2b406690d98898d60da28c8e95f54ad6f8912bfdbe999019359ba
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHSA-2016:0675
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHSA-2016:0675
    MD5: 1c2dabb9d19ecea1f77b3b82ce6f3768
SHA-256: ab5dd9a7b7287ad4c201eca78073dca0d6b1453ec07e8f3a197f974abb9265d6
 
x86_64:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHSA-2016:0675
    MD5: 1a435fa6937ed6da0012af16db85e9bc
SHA-256: c5434affcf4e000084b0085526c1348d9dd21569d4505c47147decb1e7eb072b
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHSA-2016:0675
    MD5: e7399c4d115e45bc843708ea9e08e9d1
SHA-256: 537ec30df916c20ba3add1cad6e97f329ed2cca29f8516145523d3d877eee9a0
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHSA-2016:0675
    MD5: b9742c955b8479520170c9f9224fb250
SHA-256: 406e14a77f7af544c7c43cb01b06fa57da67d327be19590601730cb9490f3bb0
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHSA-2016:0675
    MD5: 8b12a1af876a975d3bae16ff344c6b8f
SHA-256: 52080b262a295a94fa2401d4e5a150492690e840dd28a8e28eb753c043d241b9
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHSA-2016:0675
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHSA-2016:0675
    MD5: ad4d77f52154a67e8277d7dbb1c9fee1
SHA-256: deef709133c3127ac2a0e04db756572d49649f5d56ae4ebeebbc1b20be1346c6
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
File outdated by:  RHBA-2016:1005
    MD5: 85aa69ee1a47e7871e16e632ef97fe62
SHA-256: 93c91ccc124e5d35fee8c80867c94b03a2d9b0ac9315385f6356aa3a6120dbda
 
IA-32:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: cbf5602cfff0f03f9c77a6827ae434d5
SHA-256: 0b2e252f1fa0d888e036bf4a8dbe955e06a496a40b3f98c3217440523cddde79
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: dddf49a1f0872c337e62c66bf4587acd
SHA-256: 824054685b4c64508081434b0a171c0fe7ce935c2756b2751a872a59b79a3490
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 78e52cde333534f1d847e17af32c5d17
SHA-256: 31437dfa4776c9e42900115eba058f11761852d8c52174ec7cab8ab310cadea6
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: f76383f66dd9ac5f2781e23a05445658
SHA-256: b9be5a0c97e2b406690d98898d60da28c8e95f54ad6f8912bfdbe999019359ba
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1c2dabb9d19ecea1f77b3b82ce6f3768
SHA-256: ab5dd9a7b7287ad4c201eca78073dca0d6b1453ec07e8f3a197f974abb9265d6
 
x86_64:
java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 1a435fa6937ed6da0012af16db85e9bc
SHA-256: c5434affcf4e000084b0085526c1348d9dd21569d4505c47147decb1e7eb072b
java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: e7399c4d115e45bc843708ea9e08e9d1
SHA-256: 537ec30df916c20ba3add1cad6e97f329ed2cca29f8516145523d3d877eee9a0
java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: b9742c955b8479520170c9f9224fb250
SHA-256: 406e14a77f7af544c7c43cb01b06fa57da67d327be19590601730cb9490f3bb0
java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: 8b12a1af876a975d3bae16ff344c6b8f
SHA-256: 52080b262a295a94fa2401d4e5a150492690e840dd28a8e28eb753c043d241b9
java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
File outdated by:  RHBA-2016:1005
    MD5: dc39728b42161d5fcd567590f40c9ae8
SHA-256: 8cd067ef55aba0ebdfa000b3d456a1f8c318d4e2140e6e65384182e3e4888bcb
java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
File outdated by:  RHBA-2016:1005
    MD5: ad4d77f52154a67e8277d7dbb1c9fee1
SHA-256: deef709133c3127ac2a0e04db756572d49649f5d56ae4ebeebbc1b20be1346c6
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1273859 - CVE-2015-4871 OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)
1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)
1298906 - CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)
1298957 - CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054)
1299073 - CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710)
1299385 - CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)
1299441 - CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/