Find Out If You are Affected by Security IssuesView updates for all active Red Hat Products
If you have questions about how security issues may affect you, talk to Red Hat Support
Red Hat Product Security
Constantly working to ensure timely, appropriate security fixes for our supported products and services.
Securing your Red Hat Software
Red Hat Product Security follows an internal process for addressing security issues. We investigate and verify the issue, analyze which products are affected, evaluate the impact, and determine the necessary remedial action.
In the cases where a security update must be produced, we work to ensure the fix causes minimal side effects. We also work with you to determine an appropriate public notification date.
Working With You, for You
Security is a team effort. We work with you to identify other organizations, such as other open source software vendors, that you may wish to also contact about the issue.
We personally read and respond to all email communication within three working days. If the issue you tell us about is complicated and requires greater attention from our technical staff, we will contact you to explain this and when to expect a more detailed response. If prolonged investigations are necessary, we will provide you with a mechanism to check the status of our progress at any time.
Our policies allow you to hold us accountable for our performance. We would like to hear from you if you have any feedback on our standards of service and performance. Please contact Red Hat Product Security.
Keeping Your Communication in Confidence
You can share information about security issues with us in confidence. If the information you share with us is not already public knowledge, we will:
- Keep the information you share with Red Hat Product Security confidential within Red Hat, unless you have agreed otherwise.
- Give you a mechanism to communicate with us over a secure channel.
- Not share the information you send to us with any third-parties (including CERT, MITRE, or our partners and customers) without your agreement.
- Expect you to treat communication from us in the same way, and to inform us if you communicate details of the issue to any other party.
Learn more about the measurement standards used by Red Hat Product security to assess a threat.
Learn about Red Hat Product Security's backporting process in more detail.