Hi, This is afaics still not fixed in 2.4-1. See the different scope of CVE-2013-0342. The most detaailed explanation is found in the Red Hat bugzilla.
I have for now reopened it, but will re-check if I have a missunderstanding from back then. Regards, Salvatore
