Tarsnap versions 1.0.22 through 1.0.27 have a critical security bug, as widely spread by Colin Perciva (see the URL for reference). Please bump it asap.
reassigning to security@g.o
Already committed in cvs.
*** Bug 355431 has been marked as a duplicate of this bug. ***
Greg, please remove older versions from the tree or give your ack on us doing so.
Please feel free to remove older versions of tarsnap from the portage tree, I can't get to my gentoo development machine for a few days to do this myself, sorry.