R 3.4.4 suffers from a local buffer overflow that allows code execution. References: https://github.com/bzyo/CVE-PoCs/tree/master/CVE-2018-9060
Created R tracking bugs for this issue: Affects: epel-all [bug 1573313] Affects: fedora-all [bug 1573314]
Determined to be not a security issue, CVE rejected upstream.