** Please note that this issue is confidential and no information should be disclosed until it is made public, see "Whiteboard" for a date ** Tomas Mraz of RedHat reported an issue in GnuTLS that can lead to a function dereference of a freed heap structure. Impact is currently under discussion. This bug was introduced in GnuTLS 2.3.5 and is present in GnuTLS 2.4.0. Please do not proceed any affected versions for stabling. This only affects our ~arch systems.
public as per urls detail http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2948 will do ebuild soon
gnutls-2.4.1 added gnutls-2.4.0 and gnutls-2.3.11.ebuild removed thanks Robert. description from upstream makes it seem though RCE is unlikely and DoS is fairly sure.
Thanks, closing then.