Red Hat Corrects Security Flaw Within Hours

Open Source Software Enables Discovery of Flaw and Creation of Fix and Release to Customers Within Hours

-

Red Hat, Inc. (NASDAQ:RHAT), the leader in open source solutions for Internet infrastructure, created a fix for a security flaw in Piranha, the high-availability clustering component of its Red Hat Linux 6.2 open source operating system, last week and issued it to customers within hours of notification by Internet Security Systems. The flaw, identified on the afternoon of Wednesday, April 19, was corrected by Red Hat that evening. An initial patch correcting the software was released to customers on Thursday morning, April 20. The flaw appeared only in version 6.2 of the Red Hat Linux operating system.

The availability of source code enabled the flaw to be discovered and fixed quickly. Corrections for security bugs in proprietary software often may not be available for two weeks or longer.

"We are pleased that the open source development approach enabled us to fix this flaw so quickly," said Michael Tiemann, CTO, Red Hat. "Software is very complex and sometimes errors happen in development. Some have incorrectly called this flaw a 'back door,' which clearly it is not. Software flaws happen, but with open source there's a vast community of experts who make it their mission to seek out and solve problems quickly. This is a perfect example of that process in action - within hours of our learning of the problem, we delivered a fix to our customers."

Red Hat encourages its customers to learn more about the rapid correction of any problem in the Updates and Errata section of our website. An update specific to the piranha package can be found at http://www.redhat.com/support/errata/RHSA-2000014-16.html.

LINUX is a trademark of Linus Torvalds. RED HAT is a registered trademark of Red Hat, Inc. All other names and trademarks are the property of their respective owners.

  • About Red Hat

  • Red Hat is the world’s leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at http://www.redhat.com.



  • Forward-Looking Statements

  • Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending; the effects of industry consolidation; the ability of the Company to compete effectively; the integration of acquisitions and the ability to market successfully acquired technologies and products; uncertainty and adverse results in litigation and related settlements; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company’s growth and international operations; fluctuations in exchange rates; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission’s website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management’s Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company’s views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company’s views as of any date subsequent to the date of this press release.