Notifications and Advisories

Notification of errata

Red Hat publishes three types of errata:

  • Red Hat Security Advisory (RHSA)
  • Red Hat Bug Advisory (RHBA)
  • Red Hat Enhancement Advisory (RHEA)

We give information about security flaws that affect Red Hat products and services in the form of security advisories (RHSA). To read more about Red Hat Errata, please read the Explaining Red Hat Errata (RHSA, RHBA, and RHEA) article.

Official statements

We provide official vendor statements when a new public security vulnerability is under investigation or where an issue does not affect Red Hat. These statements are available in the Red Hat CVE database by navigating to a CVE name. If no official statement exists, contact Red Hat Product Security.

Advance notification

Red Hat does not provide advance notification of private security issues to our partners or customers or inform them that an investigation is underway for such issues.

For issues already in the public domain, we may notify our partners, customers, or other organizations about our response process or investigations.

Policy for acknowledgment in advisories

Red Hat security advisories contain credits or acknowledgment where appropriate. We aim to include acknowledgment for companies or individuals that have reported issues to us.

Acknowledgements for vulnerabilities that affected Red Hat online services are provided in Red Hat Knowledgebase Article 66234.

Get notified about new security advisories

Red Hat customers can receive notifications of updates to Red Hat products using the Customer Portal Errata Notifications preferences.

New security advisories for Red Hat products published in a human-readable format:

All errata, including bug fixes and enhancements, in a human-readable format can be found at:

New security advisories for Red Hat products are published in a machine-readable format: