According to a report released in late August, the Fedora Project became aware of a security incident involving a system used to sign Fedora packages.
From the report:
Administrators of Fedora systems should take the actions prescribed by the Fedora Project to enable a new signing key - this may be done by running yum update on your Fedora system and installing the new GPG key when prompted.While there is no definitive evidence that the Fedora key has been compromised, because Fedora packages are distributed via multiple third-party mirrors and repositories, we have decided to convert to new Fedora signing keys. This may require affirmative steps from every Fedora system owner or administrator.
As with any upgrade, we highly recommend that you back up any core files on your VPS before you proceed.
Should you encounter any difficulty completing the upgrade and key installation process, troubleshooting instructions for Fedora 8 and Fedora 9 are available under the Enabling new signing key article at the Fedora Project Wiki.