Taken from https://docs.engineering.redhat.com/pages/viewpage.action?spaceKey=PRODSEC&title=Errata:

Engineering teams are expected to self-validate their RHSA advisories using the 'Security Alerts' tab in the Errata UI. NOTE: To see alerts, the user must click the button in the 'Security Alerts' tab.

Engineering teams should resolve all 'blocking' alerts and considering resolving any 'non-blocking' alerts as soon as possible. If any security alerts of the 'blocking' type remain, the transition from QE to REL_PREP phase will be blocked.

With the new addition of this 'Security Alerts' workflow, the PS approval is now an optional check and is no longer required for release. 

For trouble resolving any of the security alerts, please reach out to secalert@redhat.com.

If any alerts need to be resolved, refer to the link above and the RHSA Errata Security Alerts doc. For help, contact the Product Security team on their Slack channel, #help-product-security.