Fedora has issued an advisory on January 20: http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097833.html The issue is fixed in 2.3.0, which we have in Cauldron. No CVE is listed.
CC: (none) => dlucio
Closing this now due to Mageia 2 EOL. http://blog.mageia.org/en/2013/11/21/farewell-mageia-2/
Status: NEW => RESOLVEDResolution: (none) => OLDQA Contact: (none) => security