From Fedora Project Wiki

Revision as of 18:38, 19 August 2016 by Sparks (talk | contribs) (Moving text from Security_Team page)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Fedora Security Team logo


To provide the utmost secure operating environment to Fedora and EPEL users by:

  • working with packagers to patch and update packages,
  • identifying and helping to improve secure development practices,
  • answering software security questions from the community.


If you need help or assistance with any issue, please feel free to contact the FST members at

Security Response

To report a vulnerability in software please follow the procedure outlined on the Security Bugs page.

To report a security concern within the Fedora Project please email security at fedoraproject dot org.

What we do

Fedora Security Team aims to ensure that users are protected from vulnerabilities that exist in Fedora packages. Vulnerabilities are reported to Fedora package maintainers via Bugzilla by Red Hat Product Security. These bugs are marked with keywords: SecurityTracking attribute in Bugzilla, for ex. => CVE-2013-0333 rubygem-activesupport: json to yaml parsing. The SecurityTracking keyword indicates that the bug could have security implications which need to be investigated.

We help package maintainers follow up with upstream developers to obtain a patch or a new release which fixes the issue. Once such patch or a new release is available, the package maintainer then builds a new version of the package and submits an update to the Fedora or EPEL repositories via Bodhi.

How to get involved

Joining the team

Joining the Fedora Security Team is an easy, three-step process:

  1. subscribe to the security-team mailing list
  2. join us on the #fedora-security-team[?] IRC channel
  3. read the work flow

Once you feel comfortable just jump in and start helping. If you have questions please ask on IRC or on the mailing list.

Also, please take a look at the proposed Security Team Apprenticeship program as this may help answer additional questions.


This category has only the following subcategory.