See http://www.gnu.org/s/gnutls/security.html Fix only for 2.12 and 3.0. It seems gnutls upstream considers 2.10.x deprecated and provides no more security updates. So it's probably time to unmask latest gnutls versions in portage.
CVE-2011-4128 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4128): Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201206-18 at http://security.gentoo.org/glsa/glsa-201206-18.xml by GLSA coordinator Sean Amoss (ackle).