See: http://www.securityfocus.com/archive/1/147078 The exploit leads to an egid=21(slocate) shell. Tested on RH 6.1, but all versions of slocate shipped with at least RH 6.0 to RH 7 are vulnerable.
closing as errata release is out.