In the Fedora Announce List, Red Hat reported that some of there server was compromised. Security work is ongoing.
You can see the e-mail about this on fedora-announce-list.
Red Hat has released a security advisory and a script to detect potentially compromised openssh packages. Red Hat highly recommended to update to new release ASAP.