DBus security policy used by bluez-utils need to be updated to work correctly with fixed system message bus security policy (the one that really denies by default, CVE-2008-4311).
As CVE-2008-4311 has been deferred, this bug obviously follows suit. If CVE-2008-4311 is fixed in a future update, this bug will be addressed there.
The dbus change never happened, so closing this as DEFEREED.