Actually it's possible to check yourself. Take a look at the last comment stating an openQA scenario failing on this, click on "Link to latest" and you should be able to find https://openqa.suse.de/tests/1560510#step/yast2_clone_system/14 which shows that the profile validation is not passed yet. https://openqa.suse.de/tests/1560509/file/logs_from_installation_system-y2logs.tar.bz2 are the logfiles from the corresponding qcow image creation job showing that the package version in that installation is already "yast2-firewall [4.0.19-1.2.noarch]".