Skip to navigation

Security Advisory Moderate: glibc security and bug fix update

Advisory: RHSA-2012:1097-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-07-18
Last updated on: 2012-07-18
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2012-3406

Details

Updated glibc packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function properly.

It was discovered that the formatted printing functionality in glibc did
not properly restrict the use of alloca(). This could allow an attacker to
bypass FORTIFY_SOURCE protections and execute arbitrary code using a format
string flaw in an application, even though these protections are expected
to limit the impact of such flaws to an application abort. (CVE-2012-3406)

This update also fixes the following bug:

* If a file or a string was in the IBM-930 encoding, and contained the
invalid multibyte character "0xffff", attempting to use iconv() (or the
iconv command) to convert that file or string to another encoding, such as
UTF-8, resulted in a segmentation fault. With this update, the conversion
code for the IBM-930 encoding recognizes this invalid character and calls
an error handler, rather than causing a segmentation fault. (BZ#837896)

All users of glibc are advised to upgrade to these updated packages, which
contain backported patches to fix these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
glibc-2.5-81.el5_8.4.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: b8f98b9ea366300a50ab127daabda751
SHA-256: 9aef8595ac2dc568131db7cb61d6e2b21eb28f4550c044b2a77fd42122954fea
 
IA-32:
glibc-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: c7bd23865037e8b72114aab25596c883
SHA-256: 052ccd76036f22aff2f5616cd8db45cad95121a0ec1f48476fee7669da9787cc
glibc-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 312383cfe73a3cac8e80c7267c8a6437
SHA-256: 0ccf6460bbc9622608bdb537bd0c69f41175fc0aa78f3e0d91df65efcb392a6b
glibc-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: dc65c82912d425af961da98178a0ad61
SHA-256: b227a44ec6119a3f6ac2cb147b464ae7187f8e4ff5b29eb91ad728ea21c12ec2
glibc-debuginfo-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2dce42aa7e9d7b120e1dec2ae95fede0
SHA-256: d34f740a9c2df5cc85026c5e68f042c297c84088532c224a0b377e943204f8ce
glibc-debuginfo-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8dca55c3d0b59e69a4a377eb8c551e3d
SHA-256: ee40996ff6cf39a7705ce67eaeef5842b55daf18b939eafd6a14000f0366ec28
glibc-debuginfo-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3c226c60ec7e8974dc4d731247df9642
SHA-256: 162d3c6acf1feb7df13aa7a7b287464e576ac66c154247ee0f1f517ecadca035
glibc-devel-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 419b7fb1516d4badf1824f510b3d0d98
SHA-256: 91dcd6a807eb5cd7e804651a9d428d772a66da4f34d110053d80b8a391052680
glibc-headers-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 411736d33bcfca49289dd0d18aee6505
SHA-256: d706a71504e0f21a1983ccdac883ef7afaf4ca4d69bc4f145367933051c179f1
glibc-utils-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1cf2b6b959d45d17e732d6ff9a5267de
SHA-256: 04f122f9e9aab13f2219dc8e8c61eddcd583f5b037c985750a4b0a025bb83648
nscd-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: dd0b3595bdf3648037dbe6b39838be9c
SHA-256: 0d11fee95f009ce3a1c553941f4e0046b16fce83d63a60ae6f19c254cf08143f
 
IA-64:
glibc-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 312383cfe73a3cac8e80c7267c8a6437
SHA-256: 0ccf6460bbc9622608bdb537bd0c69f41175fc0aa78f3e0d91df65efcb392a6b
glibc-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e87c9ea0f3b865bda246ee584deb2183
SHA-256: d5c3590597be67f28fbaf802fd61b014c1f971210671cd6a95f91280fd526c2a
glibc-common-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 7463ae1f73c7f0ec66a224675a3e453e
SHA-256: e52e16f27d70f30ef99e747952587de9b650ca094393f8dbb7ab2e8802b3b97a
glibc-debuginfo-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8dca55c3d0b59e69a4a377eb8c551e3d
SHA-256: ee40996ff6cf39a7705ce67eaeef5842b55daf18b939eafd6a14000f0366ec28
glibc-debuginfo-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 7816cad4944e06a707d6a45d96722502
SHA-256: 09ff6dee95478b2c53c6b089e405b27c176498e97d9585b98296dba0683084b9
glibc-devel-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 640a2743ccdf2ca82c55b3c4a0363436
SHA-256: 0941d2475f9239d9974d4fc9f901d6aeef6d7171304fe6d533b7a02540941d87
glibc-headers-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1464c3b20ce37d40e706bc96519f3232
SHA-256: 378f7a3bbd4dee91bb15192351567900de08e5bfa91287a7c5c9be54d2905e5b
glibc-utils-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bf2282f8e638603ef64d014d425cb21a
SHA-256: c2c10ccf4139c2b9f3bbec08afed971c7f2e0cc5f915929043ee8c244e8e6c7b
nscd-2.5-81.el5_8.4.ia64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 49a250b5fcb558235da71b0e9c0e9e38
SHA-256: f0e42f921eb801a14a37b16b9fe6b4e2a616ff92e1c5c80dbaf466a1034d5ebc
 
PPC:
glibc-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 9bcf8aafe9e4486735ac7906c877083a
SHA-256: 79291d1f7a4d81af977bef66c4237b1a6e3527019c4a779811987101df2ca134
glibc-2.5-81.el5_8.4.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: b160cfa02d4705a97fe56d2475e52a7d
SHA-256: 3f2a9da561e775f4a0bb5d224f1d39967e3b5d5edee9ba8edc2ee62ec2a7e5bc
glibc-common-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1abd102ba0cae8b64328ef3c06e7fbc3
SHA-256: 663fdf82f9ba931f7a62b7c297b4dcd9f90d8aa89183664d1cda4a006c81bee5
glibc-debuginfo-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: fcbcb34ca93bb461978da582272bbb4d
SHA-256: 88ebbea130cd27faff7b16fa7da7cf872664472d92efffe994eb695207bc1909
glibc-debuginfo-2.5-81.el5_8.4.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3957d5a71e5dca5ae81d6b9aa97077b2
SHA-256: 4856b06133c45fe53e3e4abca8ece6675e158dba19276cb928e7e6bf33b8ba0e
glibc-devel-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: b8c7daa555d24c6381357f300a22e584
SHA-256: 2a60a7a9b4d42c82e32a6a738c91a2c0f9a6861f776a4aaa7ef77b6bfadc723c
glibc-devel-2.5-81.el5_8.4.ppc64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e14598cefe877dfee33e426feab60a3b
SHA-256: 529c8d352edc72a6b38a768b6cece9b6953330bc09fe65d2c84154fe9c416898
glibc-headers-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: bfcb6c11b3a908437dc3f28193d2b6ed
SHA-256: e09cd79a3d6a5af26e0ec2c186d2b92993147408b719afe8a0cf88f95947856e
glibc-utils-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: bfd1c8f9ae290613ff239388f22fe1ff
SHA-256: 5ec5538675df974973b133b6738a31c4f459a9d5d75e83c8cd8f132e24994ca0
nscd-2.5-81.el5_8.4.ppc.rpm
File outdated by:  RHSA-2013:1411
    MD5: 11f55f5548c096c9ec6357cc4da83906
SHA-256: b050fe5eaca172e26b1ad465df268704e7cd43477199e301eb81e78dfeed4638
 
s390x:
glibc-2.5-81.el5_8.4.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: 995cb45038004057be64f96db172730b
SHA-256: 86a7b0a03f4fa6f938c8eb3fd66f34122e525ff4d5b6138c8950b8a5a0df904a
glibc-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 655810d87c8931954140535f75d9bd09
SHA-256: 86bae495523bb4a0bd3f55ef463a65490f9686705eca94f1a39eb93222cb72a6
glibc-common-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 75bbf60a2264fece2b9f7b693fd4532f
SHA-256: 0ad545a14203cfb35b00a8ebc145bb13565d91db77325268e17a22070208da9c
glibc-debuginfo-2.5-81.el5_8.4.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3d86b5e6782e3525c1e7cf51609d166b
SHA-256: 695b7bcf57e26a3e06e5cae15ee85fbc06a5a185d4683edd265d3be6394e3d04
glibc-debuginfo-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: b5a47641a607919c511ab28eb73c9236
SHA-256: d9e9e69af22266481bdf3b3de5dde807f0c934cbf6748f466f9385ffc7eda5cc
glibc-devel-2.5-81.el5_8.4.s390.rpm
File outdated by:  RHSA-2013:1411
    MD5: 450635d600e20391562a8640ac6d380d
SHA-256: a11dccd944d5a3295bf8170e7a1145b9885e99e3d0f8370cf3f098f6575e9e9f
glibc-devel-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 9b97be9a05b38aaada7b9f1403585a68
SHA-256: f24229e47c4d1a0bd782d435d9a0199e3a4caceeb4097030714680b9ca20a1bf
glibc-headers-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 75de8857c64a3aa683972f0d88bed099
SHA-256: 004dd5efc5946b35342cbb29244c9d6399d5e5d4bf5489cdedba8e589e96504f
glibc-utils-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: 4084f7a605d19ac8a8ca0dbba2b04d77
SHA-256: cdaebb60200e5462a6286fd73180d0425c33a14dd11e77cd920c5bcc6c0371c3
nscd-2.5-81.el5_8.4.s390x.rpm
File outdated by:  RHSA-2013:1411
    MD5: f579f548e894e9ee92a5a2e4cf290c75
SHA-256: ab5455def459c1e844e5a40a223d0408087a583c61a2777832ddc8ae6ffb1981
 
x86_64:
glibc-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 312383cfe73a3cac8e80c7267c8a6437
SHA-256: 0ccf6460bbc9622608bdb537bd0c69f41175fc0aa78f3e0d91df65efcb392a6b
glibc-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: ecf2fbe02914fa48487a9e267e0bbadd
SHA-256: a7c98c57c4ad175918ea01de493ebbb677b4421ddf2cf8614686a07a9f6d917d
glibc-common-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: d168b572e08e115fb02937c8d759b5cd
SHA-256: 4b4748cdc8174c17350d3194858386f32b658bd2c36d2bd0942fad5111858034
glibc-debuginfo-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2dce42aa7e9d7b120e1dec2ae95fede0
SHA-256: d34f740a9c2df5cc85026c5e68f042c297c84088532c224a0b377e943204f8ce
glibc-debuginfo-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8dca55c3d0b59e69a4a377eb8c551e3d
SHA-256: ee40996ff6cf39a7705ce67eaeef5842b55daf18b939eafd6a14000f0366ec28
glibc-debuginfo-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: cdc2fea3137ccc3e652ec6692a28c9f3
SHA-256: 801a50fccebd34b7e239cc5b73db7f0117cd55414ab3b55220e90b89ba0104b4
glibc-debuginfo-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3c226c60ec7e8974dc4d731247df9642
SHA-256: 162d3c6acf1feb7df13aa7a7b287464e576ac66c154247ee0f1f517ecadca035
glibc-devel-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 419b7fb1516d4badf1824f510b3d0d98
SHA-256: 91dcd6a807eb5cd7e804651a9d428d772a66da4f34d110053d80b8a391052680
glibc-devel-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bfe856f4fa811a2a78bf0e760c5d37a2
SHA-256: 727cf01b47f7bf39c037a34962f2b098117cbeb738dab47a457b4cb161eb64d2
glibc-headers-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: b7168fb68839a8d91fbe304640aa403e
SHA-256: 00ec5484ab7de87001b88014419453f0e7ff18146a1950f46a919b73b09bb18e
glibc-utils-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 0e738daa019bc3351808341af66295e9
SHA-256: 5880e7f5eb4c82338f6e2854cbd0fd37f7e18fad375f8fb0a8dfcc077f30e1b8
nscd-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e15aa1ae81edfc437bedb8c51a708494
SHA-256: ac16dd2376920909d15f173ddf84b63e553b1ded8b57951de480811c984b3ced
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
glibc-2.5-81.el5_8.4.src.rpm
File outdated by:  RHSA-2013:1411
    MD5: b8f98b9ea366300a50ab127daabda751
SHA-256: 9aef8595ac2dc568131db7cb61d6e2b21eb28f4550c044b2a77fd42122954fea
 
IA-32:
glibc-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: c7bd23865037e8b72114aab25596c883
SHA-256: 052ccd76036f22aff2f5616cd8db45cad95121a0ec1f48476fee7669da9787cc
glibc-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 312383cfe73a3cac8e80c7267c8a6437
SHA-256: 0ccf6460bbc9622608bdb537bd0c69f41175fc0aa78f3e0d91df65efcb392a6b
glibc-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: dc65c82912d425af961da98178a0ad61
SHA-256: b227a44ec6119a3f6ac2cb147b464ae7187f8e4ff5b29eb91ad728ea21c12ec2
glibc-debuginfo-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2dce42aa7e9d7b120e1dec2ae95fede0
SHA-256: d34f740a9c2df5cc85026c5e68f042c297c84088532c224a0b377e943204f8ce
glibc-debuginfo-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8dca55c3d0b59e69a4a377eb8c551e3d
SHA-256: ee40996ff6cf39a7705ce67eaeef5842b55daf18b939eafd6a14000f0366ec28
glibc-debuginfo-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3c226c60ec7e8974dc4d731247df9642
SHA-256: 162d3c6acf1feb7df13aa7a7b287464e576ac66c154247ee0f1f517ecadca035
glibc-devel-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 419b7fb1516d4badf1824f510b3d0d98
SHA-256: 91dcd6a807eb5cd7e804651a9d428d772a66da4f34d110053d80b8a391052680
glibc-headers-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 411736d33bcfca49289dd0d18aee6505
SHA-256: d706a71504e0f21a1983ccdac883ef7afaf4ca4d69bc4f145367933051c179f1
glibc-utils-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 1cf2b6b959d45d17e732d6ff9a5267de
SHA-256: 04f122f9e9aab13f2219dc8e8c61eddcd583f5b037c985750a4b0a025bb83648
nscd-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: dd0b3595bdf3648037dbe6b39838be9c
SHA-256: 0d11fee95f009ce3a1c553941f4e0046b16fce83d63a60ae6f19c254cf08143f
 
x86_64:
glibc-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 312383cfe73a3cac8e80c7267c8a6437
SHA-256: 0ccf6460bbc9622608bdb537bd0c69f41175fc0aa78f3e0d91df65efcb392a6b
glibc-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: ecf2fbe02914fa48487a9e267e0bbadd
SHA-256: a7c98c57c4ad175918ea01de493ebbb677b4421ddf2cf8614686a07a9f6d917d
glibc-common-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: d168b572e08e115fb02937c8d759b5cd
SHA-256: 4b4748cdc8174c17350d3194858386f32b658bd2c36d2bd0942fad5111858034
glibc-debuginfo-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 2dce42aa7e9d7b120e1dec2ae95fede0
SHA-256: d34f740a9c2df5cc85026c5e68f042c297c84088532c224a0b377e943204f8ce
glibc-debuginfo-2.5-81.el5_8.4.i686.rpm
File outdated by:  RHSA-2013:1411
    MD5: 8dca55c3d0b59e69a4a377eb8c551e3d
SHA-256: ee40996ff6cf39a7705ce67eaeef5842b55daf18b939eafd6a14000f0366ec28
glibc-debuginfo-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: cdc2fea3137ccc3e652ec6692a28c9f3
SHA-256: 801a50fccebd34b7e239cc5b73db7f0117cd55414ab3b55220e90b89ba0104b4
glibc-debuginfo-common-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 3c226c60ec7e8974dc4d731247df9642
SHA-256: 162d3c6acf1feb7df13aa7a7b287464e576ac66c154247ee0f1f517ecadca035
glibc-devel-2.5-81.el5_8.4.i386.rpm
File outdated by:  RHSA-2013:1411
    MD5: 419b7fb1516d4badf1824f510b3d0d98
SHA-256: 91dcd6a807eb5cd7e804651a9d428d772a66da4f34d110053d80b8a391052680
glibc-devel-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: bfe856f4fa811a2a78bf0e760c5d37a2
SHA-256: 727cf01b47f7bf39c037a34962f2b098117cbeb738dab47a457b4cb161eb64d2
glibc-headers-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: b7168fb68839a8d91fbe304640aa403e
SHA-256: 00ec5484ab7de87001b88014419453f0e7ff18146a1950f46a919b73b09bb18e
glibc-utils-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: 0e738daa019bc3351808341af66295e9
SHA-256: 5880e7f5eb4c82338f6e2854cbd0fd37f7e18fad375f8fb0a8dfcc077f30e1b8
nscd-2.5-81.el5_8.4.x86_64.rpm
File outdated by:  RHSA-2013:1411
    MD5: e15aa1ae81edfc437bedb8c51a708494
SHA-256: ac16dd2376920909d15f173ddf84b63e553b1ded8b57951de480811c984b3ced
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

826943 - CVE-2012-3406 glibc: printf() unbound alloca() usage in case of positional parameters + many format specs


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/