Upstream has issued an advisory on January 26: http://openwall.com/lists/oss-security/2018/01/26/7 The issue is fixed in 3.17. Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Status comment: (none) => Fixed upstream in 3.17
Already noted in Bug 19029. *** This bug has been marked as a duplicate of bug 19029 ***
Resolution: (none) => DUPLICATEStatus: NEW => RESOLVED