Likely contains a security fix for CVE-2012-5127, see bug 442096. Please bump.
I'll have to verify that 0.2.1 contains the fix. Release notes do mention _some_ security fixes. Not sure why upstream is not more precise.
0.2.1 in Portage
CVE-2012-5127 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5127): Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
Arch teams, please test and mark stable: =media-libs/libwebp-0.2.1 Stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 x86
amd64 stable
Stable for HPPA.
stable arm ppc ppc64
x86 done.
alpha/ia64 stable
Thanks, everyone. New GLSA request filed.
This issue was resolved and addressed in GLSA 201312-08 at http://security.gentoo.org/glsa/glsa-201312-08.xml by GLSA coordinator Sergey Popov (pinkbyte).