This is a community courtesy notification for a severe security issue affecting some of the JBoss projects and products. Please refer to the following Red Hat KBase article for more information:
JBoss Products & CVE-2010-0738
As a Red Hat/JBoss enterprise customer (paying), you are already notified via the official channels: RHN, CSP etc. Patches/updated products are available to you.
If you are an user of the community project: JBoss Application Server, then you may be affected. Please refer to the kbase article for possible solutions.
JBoss.org Wiki Page for Community Notification