From the upstream notification at $URL: "In Sept. 2011 security researchers demonstrated how a previously known CBC encryption weakness could be used to decrypt HTTP data over SSL. The attack was named BEAST (Browser Exploit Against SSL/TLS). As with previous man-in-the-middle SSL vulnerabilities, the attack is generally considered a very low risk for individual browsers as it requires the attacker to have control over the network. Additionally, in this specific exploit they will also have to have a mechanism to elicit known HTTPS responses from the client. Most MatrixSSL users do not fall into the category of vulnerable uses."
Created attachment 289441 [details, diff] ebuild.patch @embedded, same ebuild works for me, added eapi4 and static-libs, please review and commit. SONAME is not a regression
3.2.2 in tree, thanks ssuominen for bump. Closing as noglsa.
*** Bug 387277 has been marked as a duplicate of this bug. ***
For completeness, I've removed the vulnerable version from tree.
