New version of CageFS 3.6-6 was pushed into production repository, and should be on your servers next time yum update is executed.
The version fixes security issue with cagefs-update script. This issue was only found in the lab environment, and there was no reports of it being used on any of our customers system. Due to the nature of the vulnerability - it is very hard to abuse on already initialized system running CageFS.
Special thanks to Jeff Petersen for reporting vulnerability to us.