Friday August 22nd, 2008 Redhat announced that their servers had been compromised and that the hacker was able to sign a small amount of Redhat SSHS and Redhat issued a warning on the RedHat Network to alert Redhat users of the system breach and let their customers know that they are "highly confident" that the breach did not effect the Redhat Network and that it is safe to download updates via the Redhat Network.
Redhat issued the alert "primarily for those who may obtain Red Hat binary packages via channels other than
those of official Red Hat subscribers."
Another attack occured to one of the Fedora servers that has the Fedora signing packages but Redhat is "Highly confident" that the "passphrase" to the Fedora signing packages was not used during the time of the attack but to be on the safe side they changed the Fedora Signing Packages and sent out the update.
Read Redhats E-mail for the full story.