Skip to navigation

Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2008:0233-10
Type: Security Advisory
Severity: Important
Issued on: 2008-05-07
Last updated on: 2008-05-07
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.1.z server)
CVEs (cve.mitre.org): CVE-2007-5498
CVE-2008-0007
CVE-2008-1367
CVE-2008-1375
CVE-2008-1619
CVE-2008-1669

Details

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local unprivileged
user to simultaneously execute code, which would otherwise be protected
against parallel execution. As well, a race condition when handling locks
in the Linux kernel fcntl functionality, may have allowed a process
belonging to a local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)

* a possible hypervisor panic was found in the Linux kernel. A privileged
user of a fully virtualized guest could initiate a stress-test File
Transfer Protocol (FTP) transfer between the guest and the hypervisor,
possibly leading to hypervisor panic. (CVE-2008-1619, Important)

* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found
in the Linux kernel file system event notifier, dnotify. This could allow a
local unprivileged user to get inconsistent data, or to send arbitrary
signals to arbitrary system processes. (CVE-2008-1375, Important)

Red Hat would like to thank Nick Piggin for responsibly disclosing the
following issue:

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)

* the absence of sanity-checks was found in the hypervisor block backend
driver, when running 32-bit paravirtualized guests on a 64-bit host. The
number of blocks to be processed per one request from guest to host, or
vice-versa, was not checked for its maximum value, which could have allowed
a local privileged user of the guest operating system to cause a denial of
service. (CVE-2007-5498, Important)

* it was discovered that the Linux kernel handled string operations in the
opposite way to the GNU Compiler Collection (GCC). This could allow a local
unprivileged user to cause memory corruption. (CVE-2008-1367, Low)

As well, these updated packages fix the following bugs:

* on IBM System z architectures, when running QIOASSIST enabled QDIO
devices in an IBM z/VM environment, the output queue stalled under heavy
load. This caused network performance to degrade, possibly causing network
hangs and outages.

* multiple buffer overflows were discovered in the neofb video driver. It
was not possible for an unprivileged user to exploit these issues, and as
such, they have not been handled as security issues.

* when running Microsoft Windows in a HVM, a bug in vmalloc/vfree caused
network performance to degrade.

* on certain architectures, a bug in the libATA sata_nv driver may have
caused infinite reboots, and an "ata1: CPB flags CMD err flags 0x11" error.

* repeatedly hot-plugging a PCI Express card may have caused "Bad DLLP"
errors.

* a NULL pointer dereference in NFS, which may have caused applications to
crash, has been resolved.

* when attempting to kexec reboot, either manually or via a panic-triggered
kdump, the Unisys ES7000/one hanged after rebooting in the new kernel,
after printing the "Memory: 32839688k/33685504k available" line.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
kernel-2.6.18-53.1.19.el5.src.rpm
File outdated by:  RHSA-2008:0275
    MD5: ac60f5241a37ea51cb4c7f20f48ca339
 
IA-32:
kernel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 2963ada355c8820b6115ec517269f12e
kernel-PAE-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 6f271ee60d2c3e049886fb46a237427c
kernel-PAE-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e24c64ce4870fb3ba937aa40d77dc036
kernel-debug-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: dbe30590944f2a922f84dbeb213b58bd
kernel-debug-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: a9ab1e26641042c72b2f55cc595268c9
kernel-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1ee2e4d71f49709424e81084d23b5097
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.i386.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7eda13d6283dbd6fa78a06db2f1a9846
kernel-xen-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e5183bf0c1873db69f9103bdd2f789e0
kernel-xen-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: cc31243704b4080022845db87339ab02
 
IA-64:
kernel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 8f4ef462c792599dbc77123f5f3fdee0
kernel-debug-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: ca28c5b11c5df36f8bbf3109a1da7e40
kernel-debug-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: cfe1c3ae48db3a4c2bfa6274c9e06ab2
kernel-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 3b262a001827b0a3c9c14e8dcad8ea1f
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 691249e3dd45c7f78f7acd0f05faf95b
kernel-xen-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 702d7de23cefc5a91fefa20599f714df
kernel-xen-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 395fcc7d189379c368536cdb622988b0
 
PPC:
kernel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 99a35c817d8dd8166bc4d77b48e5f481
kernel-debug-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 930ab427c352c1127b251616c8e6a48e
kernel-debug-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 614192f7dcf24ad21a2bd0a1b1594935
kernel-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 877d300eb36fd7836500575996f87d8d
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.ppc.rpm
File outdated by:  RHSA-2014:0285
    MD5: f281749431cdb36243c76a35f5159857
kernel-headers-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: d68f9716c5f028f6c1722b6ac8517f9d
kernel-kdump-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7d392d5e780f062cae0cb95489bbb317
kernel-kdump-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: c3c7ca866334c46770e708753427d32c
 
s390x:
kernel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: f31cb2f661d263a062d60ee607a6f22e
kernel-debug-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: c8a20ba5f5067fe9b6cb8bfc14e0e669
kernel-debug-devel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: 6e5cc3bacf8483bbb8b967c62c25a961
kernel-devel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: b52a2e00bb0a5d88a22028b26bccefe1
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: bd0f4e24511de624c44b030f6269ccc5
 
x86_64:
kernel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 10601b0186454221a828e560b3689c38
kernel-debug-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 4659f537a8f467441b434e43761c7cff
kernel-debug-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: a7844c09d6280152672b4161975a4496
kernel-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 88b92130631ac42db6103ddd886754e9
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5965328d79e798bc79f28d5982765f1b
kernel-xen-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7981fa20dc2dee293b30231da7bc3d00
kernel-xen-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1cf7b80775be661246e48f13cac56bf5
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
kernel-2.6.18-53.1.19.el5.src.rpm
File outdated by:  RHSA-2008:0275
    MD5: ac60f5241a37ea51cb4c7f20f48ca339
 
IA-32:
kernel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 2963ada355c8820b6115ec517269f12e
kernel-PAE-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 6f271ee60d2c3e049886fb46a237427c
kernel-PAE-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e24c64ce4870fb3ba937aa40d77dc036
kernel-debug-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: dbe30590944f2a922f84dbeb213b58bd
kernel-debug-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: a9ab1e26641042c72b2f55cc595268c9
kernel-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1ee2e4d71f49709424e81084d23b5097
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.i386.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7eda13d6283dbd6fa78a06db2f1a9846
kernel-xen-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e5183bf0c1873db69f9103bdd2f789e0
kernel-xen-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: cc31243704b4080022845db87339ab02
 
x86_64:
kernel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 10601b0186454221a828e560b3689c38
kernel-debug-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 4659f537a8f467441b434e43761c7cff
kernel-debug-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: a7844c09d6280152672b4161975a4496
kernel-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 88b92130631ac42db6103ddd886754e9
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5965328d79e798bc79f28d5982765f1b
kernel-xen-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7981fa20dc2dee293b30231da7bc3d00
kernel-xen-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1cf7b80775be661246e48f13cac56bf5
 
Red Hat Enterprise Linux EUS (v. 5.1.z server)

SRPMS:
kernel-2.6.18-53.1.19.el5.src.rpm
File outdated by:  RHSA-2008:0275
    MD5: ac60f5241a37ea51cb4c7f20f48ca339
 
IA-32:
kernel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: 2963ada355c8820b6115ec517269f12e
kernel-PAE-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: 6f271ee60d2c3e049886fb46a237427c
kernel-PAE-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: e24c64ce4870fb3ba937aa40d77dc036
kernel-debug-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: dbe30590944f2a922f84dbeb213b58bd
kernel-debug-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: a9ab1e26641042c72b2f55cc595268c9
kernel-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: 1ee2e4d71f49709424e81084d23b5097
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.i386.rpm
File outdated by:  RHSA-2008:0275
    MD5: 7eda13d6283dbd6fa78a06db2f1a9846
kernel-xen-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: e5183bf0c1873db69f9103bdd2f789e0
kernel-xen-devel-2.6.18-53.1.19.el5.i686.rpm
File outdated by:  RHSA-2008:0275
    MD5: cc31243704b4080022845db87339ab02
 
IA-64:
kernel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 8f4ef462c792599dbc77123f5f3fdee0
kernel-debug-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: ca28c5b11c5df36f8bbf3109a1da7e40
kernel-debug-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: cfe1c3ae48db3a4c2bfa6274c9e06ab2
kernel-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 3b262a001827b0a3c9c14e8dcad8ea1f
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 691249e3dd45c7f78f7acd0f05faf95b
kernel-xen-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 702d7de23cefc5a91fefa20599f714df
kernel-xen-devel-2.6.18-53.1.19.el5.ia64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 395fcc7d189379c368536cdb622988b0
 
PPC:
kernel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 99a35c817d8dd8166bc4d77b48e5f481
kernel-debug-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 930ab427c352c1127b251616c8e6a48e
kernel-debug-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 614192f7dcf24ad21a2bd0a1b1594935
kernel-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 877d300eb36fd7836500575996f87d8d
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.ppc.rpm
File outdated by:  RHSA-2008:0275
    MD5: f281749431cdb36243c76a35f5159857
kernel-headers-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: d68f9716c5f028f6c1722b6ac8517f9d
kernel-kdump-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 7d392d5e780f062cae0cb95489bbb317
kernel-kdump-devel-2.6.18-53.1.19.el5.ppc64.rpm
File outdated by:  RHSA-2008:0275
    MD5: c3c7ca866334c46770e708753427d32c
 
s390x:
kernel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2008:0275
    MD5: f31cb2f661d263a062d60ee607a6f22e
kernel-debug-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2008:0275
    MD5: c8a20ba5f5067fe9b6cb8bfc14e0e669
kernel-debug-devel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2008:0275
    MD5: 6e5cc3bacf8483bbb8b967c62c25a961
kernel-devel-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2008:0275
    MD5: b52a2e00bb0a5d88a22028b26bccefe1
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.s390x.rpm
File outdated by:  RHSA-2008:0275
    MD5: bd0f4e24511de624c44b030f6269ccc5
 
x86_64:
kernel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 10601b0186454221a828e560b3689c38
kernel-debug-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 4659f537a8f467441b434e43761c7cff
kernel-debug-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: a7844c09d6280152672b4161975a4496
kernel-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 88b92130631ac42db6103ddd886754e9
kernel-doc-2.6.18-53.1.19.el5.noarch.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5db74f3e4c55e585d947202147ecdd43
kernel-headers-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 5965328d79e798bc79f28d5982765f1b
kernel-xen-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 7981fa20dc2dee293b30231da7bc3d00
kernel-xen-devel-2.6.18-53.1.19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0275
    MD5: 1cf7b80775be661246e48f13cac56bf5
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

369531 - CVE-2007-5498 missing sanity check in xen block backend driver
412071 - LTC37008-QDIO based network connections hang with QIOASSIST ON
427400 - CVE-2008-1619 [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
433616 - [Xen] vmalloc/vfree on HVM Guest/IA64 does untolerate performance.
433617 - libata: sata_nv may send commands with duplicate tags [5.1.z]
437312 - CVE-2008-1367 Kernel doesn't clear DF for signal handlers
437770 - CVE-2008-1619 [xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
439754 - CVE-2008-1375 kernel: race condition in dnotify (local DoS, local roothole possible)
440438 - [5.1] PCI Express hotplug driver problem (Bad DLLP) [rhel-5.1.z]
440447 - 2.6.18-53.1.12 crashes on NULL pointer dereference with NFS on the stack [rhel-5.1.z]
442922 - kexec or kdump hangs on ES7000/ONE
443433 - CVE-2008-1669 kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/