Skip to navigation

Bug Fix Advisory sssd bug fix update

Advisory: RHBA-2013:0047-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-01-07
Last updated on: 2013-01-07
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

Updated sssd packages that fix multiple bugs are now available for Red Hat
Enterprise Linux 5.

SSSD (System Security Services Daemon) provides daemons to manage access to
remote directories and authentication mechanisms. It provides NSS (Name Service
Switch) and PAM (Pluggable Authentication Modules) interfaces and a pluggable
back end system to connect to multiple different account sources.

This update fixes the following bugs:

* Previously, the SSSD daemon could deny simple paged search requests, if an
LDAP (Lightweight Directory Access Protocol) server had the paging control
module installed but not enabled or if a highly loaded LDAP server was
restricted to a single page search operation. With this update, the
"ldap_disable_paging" option disables the LDAP paging control to limit the
number of SSSD lookups defined by the LDAP server. (BZ#782221)

* Previously, a segmentation fault could occur when the IPA HBAC (Host-Based
Access Control) code iterated over the list of groups with an entity that formed
the HBAC rule without checking its validity. This update creates an empty array
to allow the HBAC code to loop safely. (BZ#783081)

* Previously, the SSSD daemon did not have a versioned dependency on the DBus
library. Now, a versioned dependency on the DBus library is added to enable SSSD
also on older versions of the DBus library. (BZ#797272)

* Previously, the IPA provider checked only IPA access control policies and
ignored additional access control policies when the access provider was
configured to use IPA access control policies. Users could get access when the
LDAP access provider denied access. Now, LDAP access control policies are
checked before the IPA access control policies. (BZ#797300)

* Previously, provider-specific data was freed before data that was transported
between different SSSD processes. A segmentation fault could occur on shutdown
when already freed memory was accessed. This update changes the order of free
operations. (BZ#811912)

* Previously, the SSSD daemon was limited to 1024 open files by default. Further
logins were rejected if the number of simultaneous connections exceed the limit.
This update sets the limit to 8000 open files or the maximum from limits.conf,
whichever is less. (BZ#815154)

* Previously, the SSSD daemon went offline when set to encrypt the communication
with the LDAP server using GSSAPI if the first Kerberos server was down. Now,
SSSD retries all key distribution centers (KDC) before going offline.
(BZ#817073)

* Previously, the status of a server that was unreachable was reset to neutral
after a 30-seconds timeout. The server list marked a server for another retry
and the cycle looped if the server list was too long. This update performs only
one loop and stops when encountering a server that was checked before.
(BZ#828190)

* Previously, the SSSD daemon kept connections to client applications open for
the lifetime of the application. SSSD could use too many file descriptors and
refused new connections if many long-running applications were running
simultaneously. Now, SSSD keeps a connection to a client application open only
for a default interval of 60 seconds. (BZ#833169)

* Previously, the SSSD daemon did not contain an option to disable source hosts
processing. The LDAP query to retrieve hosts could reach the administration
limit of the LDAP server and abort if the IPA server contained a large number of
hosts. Now, the ipa_hbac_support_srchost option defaults to "False" to switch
off source hosts support. (BZ#841677)

* Previously, the SSSD daemon could skip a complete level of nesting processes
when SSSD processed a group that was already encountered on another nesting
level. SSSD incorrectly reported group memberships. This update modifies the
logic in the LDAP back end to skip only already processed groups. (BZ#846664)

All users of sssd are advised to upgrade to these updated packages, which fix
these bugs.


Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
sssd-1.5.1-58.el5.src.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3d9b963b785a06c7b88ac39957ac20f2
SHA-256: 4b26176c899b2efd811c3368ac3f046879c024ecc10228b6b748236b077cd04c
 
IA-32:
libipa_hbac-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 0c43f998d2a8471ead1aff713883bc17
SHA-256: c3ce7bdf442d8cc3c126cd021b9681e423777f9ff0b417be8a6008f5761f5f1e
libipa_hbac-devel-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3b2b2ef7cdf91beb7dce91757a71418c
SHA-256: 5192ba67982e2365ed48aaec79aba2cd2a66bafaa93fec59e732cf6f28a0c022
libipa_hbac-python-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 07384b2c46f3524527406858eab9aebb
SHA-256: d0a7bd4536eab64a881e98998e09ff0834f075777c6a5c86be9491f4ee6f966e
sssd-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 6b71e0a916cd40876b1eea3aad0232e2
SHA-256: e8cbb590316017e98c9408cfd7dbfd7bf02ba1d2e844fd41c53a99b9dfe40f9b
sssd-client-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: d558612ed7abccd07e5f139ac1c4ba61
SHA-256: 9dd664d5842b0763d2a982e8ecb6f0dc1224811480751f40351af344e9045112
sssd-debuginfo-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 565feb9ff2c8d298d0f244c313e978de
SHA-256: 519103269fad8c48d97897259739ddf90deda650ffa04624ed7e7dc3dc87b7a3
sssd-tools-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 12691b54a8b4bbaf6cc42e0fa259b798
SHA-256: 6ee79ee0960eb0a7f14b9fc088b1f40001e3f8a62493879822ef59efd0729726
 
IA-64:
libipa_hbac-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: a2a28da28d223fab6982b726038a2df5
SHA-256: 226c46acc9e5ef619b92b35702a15da3184479a4bcbf77e366c24d6e934ccc99
libipa_hbac-devel-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: c652a77c1c578284ef9b5d07f6f82d42
SHA-256: 0eca8d8524a911593b9296267d7cc282d35857efdcd15c7ec45bd1250a370301
libipa_hbac-python-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 07a6d0b9b1cc892a9c74d5e21e0d454c
SHA-256: 3b005fe0d0d5106698cffd49dc3126435d68b4c1e6effe63f1dda92ac08ca3e4
sssd-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 9a4c81db21248533596ce9d90711950c
SHA-256: d2db115e4c4e61f1d9327a10903406bb1072064c370dcac1bb088fc8677dfff8
sssd-client-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: d558612ed7abccd07e5f139ac1c4ba61
SHA-256: 9dd664d5842b0763d2a982e8ecb6f0dc1224811480751f40351af344e9045112
sssd-client-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: eb2a98adf54c797d6ead4e0dbe5ead5a
SHA-256: 036cc440c7b5622b83678992c7cc6a16117bd40f382ce48d9f00e090e7d2a1c0
sssd-debuginfo-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 565feb9ff2c8d298d0f244c313e978de
SHA-256: 519103269fad8c48d97897259739ddf90deda650ffa04624ed7e7dc3dc87b7a3
sssd-debuginfo-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: a035a3050fe9443aa1848d25c73a3427
SHA-256: cc01157c6b24f377d7a24285a43cfa0e06bee71d476e9bd997211a92d44fc2c6
sssd-tools-1.5.1-58.el5.ia64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 395b6a4145e7b7e9ad0f391f8dd3af28
SHA-256: 102361ae92faef9e2898500889adb2b884874265471604aa3e1fba662ebda76d
 
PPC:
libipa_hbac-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 6c22d3b4d6e05dbadfc368880ae03ed5
SHA-256: 54495d422a35abce98f4a4593003d2cd967cf62deed019515d0e523f9e41fa7d
libipa_hbac-1.5.1-58.el5.ppc64.rpm
File outdated by:  RHSA-2013:1319
    MD5: a9abb46f4fd7f436d4905ebeaf411529
SHA-256: 4667851d36a5c4358b8f522fc3a4425b552d76c04017a869be319d0b4003bda6
libipa_hbac-devel-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: ffd5882899f0684010bae02de2eb0f15
SHA-256: de40b0897bbf1aa15349f5e7f071a234a58a2c8766ca8848c2487513fc5245aa
libipa_hbac-devel-1.5.1-58.el5.ppc64.rpm
File outdated by:  RHSA-2013:1319
    MD5: eb4e8f02acc7c8bf251396148f1d0779
SHA-256: 7f8c0ee96c06cf519383de83bfcb98b084ff3874e0e1531329b82b14e14b0528
libipa_hbac-python-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 5745f001c8bdcbab5fc734fb95cc0313
SHA-256: 3629742408ef35463e054b915a7ee4398b6f795b1f73568b42a865630307644e
sssd-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3c32319083c2c4efb345ffc205f3d061
SHA-256: 1bb52c38b4cd3246a99289eaa9acffc4a0f896a9fd3dba0c2503e505764fcbcc
sssd-client-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 70425ef01c236637bc60d9359bd13a7e
SHA-256: 6e4eaa4465815caa6e7afcd879d5e059168e2e8478a5eb7c101dad84dfb9c2ec
sssd-client-1.5.1-58.el5.ppc64.rpm
File outdated by:  RHSA-2013:1319
    MD5: e115e8e29d85107e974dee55232f2b3f
SHA-256: 2bf80eab660379cc0c29fc9adf6e828777f6c3fa170192f013689c03efd05595
sssd-debuginfo-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 98efd918c4f7c93b28195821f0d20fb9
SHA-256: e1f4255275344d8f3c91cb5e62ec4e9b329ee41049496f6b3c7c92326dc39b81
sssd-debuginfo-1.5.1-58.el5.ppc64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 729be481e70b3eeaee7b396f740a52e6
SHA-256: 1d044f0699c08f04c64527d7c9d94392423cf4c52b5238670e0ec9844944880b
sssd-tools-1.5.1-58.el5.ppc.rpm
File outdated by:  RHSA-2013:1319
    MD5: 148fa7a0d0bbf5c028a7ac010ff8ae65
SHA-256: 11db15235b736f79dc06a41799b394a1e78ae8ecdf6fd28e6e08dfae9fa7f1b9
 
s390x:
libipa_hbac-1.5.1-58.el5.s390.rpm
File outdated by:  RHSA-2013:1319
    MD5: eb3347e21aa39ff5e2333be156bba20a
SHA-256: a8d571dd0fb749d63125fc127a571e63666f8a421ac15e946bdf658d5d1eba51
libipa_hbac-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: 222069b19a32c3654cd74bf07ad8b399
SHA-256: 14a68fc570fd274657c9111981ad0651570e0b51ab8d6e92885a06a99122c5d0
libipa_hbac-devel-1.5.1-58.el5.s390.rpm
File outdated by:  RHSA-2013:1319
    MD5: 68cb31823463552f6f935671e0514aae
SHA-256: c31aee5066ea3a032c05b3a6e56a96d9dde154e0c22006da431bab8b52b250b3
libipa_hbac-devel-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: 800a6b290ce89c8a26a0db590e585e6a
SHA-256: a681fd3bfc25f46a528d6c3d555d4b93d15352ef37484227d51f2730db765c37
libipa_hbac-python-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: 0a3c2e2f6a4712ca050151e74ced7e09
SHA-256: 9e8c099dd71e26ca848157ea1b3e193d2e5eb8c833b7932aff5a3d9d196abf37
sssd-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: f828a0c52e4610779a5f8250ff72df40
SHA-256: 5c9b2742069b218d76469e6683cbf0a1a1ebf4c14db9776eb4ff599700533553
sssd-client-1.5.1-58.el5.s390.rpm
File outdated by:  RHSA-2013:1319
    MD5: 5cecb0fc53e7b3a99ee1c7be4bc1a908
SHA-256: 9710cf3f81c13b0b9ce1ea46fdb65983ef0c3ece1f167dda1e71609bf55fa998
sssd-client-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: fe61e90bc384119f21c49bddc31062ee
SHA-256: aea80d91b41d31e4f3f07773353201545d23409bc85a4ee3e0427a3945af0b44
sssd-debuginfo-1.5.1-58.el5.s390.rpm
File outdated by:  RHSA-2013:1319
    MD5: ace0492d36b41310102dec0a96135cda
SHA-256: 326022e057d8bc74b74599e83bb69f68bfb496ed0e6cac326944a848b2043196
sssd-debuginfo-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: 589e3f46bb8fb0bbf281e7b7ad87a5cd
SHA-256: 032e5ddd1c8f4815d8c6349546dca141844952797a6bd2f4cc46c5877bdbe4c5
sssd-tools-1.5.1-58.el5.s390x.rpm
File outdated by:  RHSA-2013:1319
    MD5: 347dff4e6f45b47a196d8ef61a01e2b4
SHA-256: 96843ac13ae0a239c06db7a01e526a96977014b8c015229f8ae24304129c3126
 
x86_64:
libipa_hbac-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 0c43f998d2a8471ead1aff713883bc17
SHA-256: c3ce7bdf442d8cc3c126cd021b9681e423777f9ff0b417be8a6008f5761f5f1e
libipa_hbac-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 8edc4dde7b0651166cea719b55a7657c
SHA-256: e83c4787b0a114a6496556e21fe416ce7f007323f6c977d992f4098841bfc2a2
libipa_hbac-devel-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3b2b2ef7cdf91beb7dce91757a71418c
SHA-256: 5192ba67982e2365ed48aaec79aba2cd2a66bafaa93fec59e732cf6f28a0c022
libipa_hbac-devel-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 4fc76f7ef4f505261d99f81e5d18e949
SHA-256: 2b176cb133d91525abd1d5a36eb24ae295f5e1465df048980a0bd0dc165fcb55
libipa_hbac-python-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 36bb85bab59f86f58ed58416cf39d6b4
SHA-256: bbea5d2d47a2cd488807e14b8c9d1efc87df86b22096d1073e238276c14f69aa
sssd-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 6d249e7e760c9dd6f509ec73d11f3d9a
SHA-256: 937b0255411329589a10082108ee4974cdaccadc50f04e7f4505f095e01201b9
sssd-client-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: d558612ed7abccd07e5f139ac1c4ba61
SHA-256: 9dd664d5842b0763d2a982e8ecb6f0dc1224811480751f40351af344e9045112
sssd-client-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 5a77b4884a4a7f7541422ba6059b4e28
SHA-256: 9c5ccc9234ee218b8256404103511600060c2beed2be2132efa47e97d2608a97
sssd-debuginfo-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 565feb9ff2c8d298d0f244c313e978de
SHA-256: 519103269fad8c48d97897259739ddf90deda650ffa04624ed7e7dc3dc87b7a3
sssd-debuginfo-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: ec1088f9915a7151048e5ac618854799
SHA-256: e60318a7a678d322dcf775707e5f8d0117260c748bfdfe0658d0a51ae29e6334
sssd-tools-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 72a6a3e44f0d7a6a18ca88614b222050
SHA-256: f8a5a1588ea7ffe9e4dcbc0211af4bad635329c01fd40eba56f57ce35d9e2726
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
sssd-1.5.1-58.el5.src.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3d9b963b785a06c7b88ac39957ac20f2
SHA-256: 4b26176c899b2efd811c3368ac3f046879c024ecc10228b6b748236b077cd04c
 
IA-32:
libipa_hbac-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 0c43f998d2a8471ead1aff713883bc17
SHA-256: c3ce7bdf442d8cc3c126cd021b9681e423777f9ff0b417be8a6008f5761f5f1e
libipa_hbac-devel-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3b2b2ef7cdf91beb7dce91757a71418c
SHA-256: 5192ba67982e2365ed48aaec79aba2cd2a66bafaa93fec59e732cf6f28a0c022
libipa_hbac-python-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 07384b2c46f3524527406858eab9aebb
SHA-256: d0a7bd4536eab64a881e98998e09ff0834f075777c6a5c86be9491f4ee6f966e
sssd-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 6b71e0a916cd40876b1eea3aad0232e2
SHA-256: e8cbb590316017e98c9408cfd7dbfd7bf02ba1d2e844fd41c53a99b9dfe40f9b
sssd-client-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: d558612ed7abccd07e5f139ac1c4ba61
SHA-256: 9dd664d5842b0763d2a982e8ecb6f0dc1224811480751f40351af344e9045112
sssd-debuginfo-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 565feb9ff2c8d298d0f244c313e978de
SHA-256: 519103269fad8c48d97897259739ddf90deda650ffa04624ed7e7dc3dc87b7a3
sssd-tools-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 12691b54a8b4bbaf6cc42e0fa259b798
SHA-256: 6ee79ee0960eb0a7f14b9fc088b1f40001e3f8a62493879822ef59efd0729726
 
x86_64:
libipa_hbac-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 0c43f998d2a8471ead1aff713883bc17
SHA-256: c3ce7bdf442d8cc3c126cd021b9681e423777f9ff0b417be8a6008f5761f5f1e
libipa_hbac-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 8edc4dde7b0651166cea719b55a7657c
SHA-256: e83c4787b0a114a6496556e21fe416ce7f007323f6c977d992f4098841bfc2a2
libipa_hbac-devel-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 3b2b2ef7cdf91beb7dce91757a71418c
SHA-256: 5192ba67982e2365ed48aaec79aba2cd2a66bafaa93fec59e732cf6f28a0c022
libipa_hbac-devel-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 4fc76f7ef4f505261d99f81e5d18e949
SHA-256: 2b176cb133d91525abd1d5a36eb24ae295f5e1465df048980a0bd0dc165fcb55
libipa_hbac-python-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 36bb85bab59f86f58ed58416cf39d6b4
SHA-256: bbea5d2d47a2cd488807e14b8c9d1efc87df86b22096d1073e238276c14f69aa
sssd-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 6d249e7e760c9dd6f509ec73d11f3d9a
SHA-256: 937b0255411329589a10082108ee4974cdaccadc50f04e7f4505f095e01201b9
sssd-client-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: d558612ed7abccd07e5f139ac1c4ba61
SHA-256: 9dd664d5842b0763d2a982e8ecb6f0dc1224811480751f40351af344e9045112
sssd-client-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 5a77b4884a4a7f7541422ba6059b4e28
SHA-256: 9c5ccc9234ee218b8256404103511600060c2beed2be2132efa47e97d2608a97
sssd-debuginfo-1.5.1-58.el5.i386.rpm
File outdated by:  RHSA-2013:1319
    MD5: 565feb9ff2c8d298d0f244c313e978de
SHA-256: 519103269fad8c48d97897259739ddf90deda650ffa04624ed7e7dc3dc87b7a3
sssd-debuginfo-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: ec1088f9915a7151048e5ac618854799
SHA-256: e60318a7a678d322dcf775707e5f8d0117260c748bfdfe0658d0a51ae29e6334
sssd-tools-1.5.1-58.el5.x86_64.rpm
File outdated by:  RHSA-2013:1319
    MD5: 72a6a3e44f0d7a6a18ca88614b222050
SHA-256: f8a5a1588ea7ffe9e4dcbc0211af4bad635329c01fd40eba56f57ce35d9e2726
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

841677 - hbac rules fail sssd | ipa
850722 - New defect - use of uninitialized value.



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/