Upstream doesn't show a fix published:
https://access.redhat.com/security/cve/cve-2018-3665

Pat

On 06/26/2018 03:23 PM, Mike Ely wrote:
> It's been a while since that was released (at least for Centos7) and I'm
> wondering if there's a plan to release this for SL6 as well.

-- 
Pat Riehecky

Fermi National Accelerator Laboratory
www.fnal.gov
www.scientificlinux.org