botan 1.0.16 and 2.1.0 fix a security bug in the X.509 parsing.
"Botan’s implementation of X.509 name comparisons had a flaw which could result in an out of bound memory read while processing a specially formed DN. This could potentially be exploited for information disclosure or denial of service, or result in incorrect validation results. Found independently by Aleksandar Nikolic of Cisco Talos, and OSS-Fuzz automated fuzzing infrastructure."
A second vuln (CVE-2017-7252) has also been fixed in 2.1.0, but it only affects versions in portage that have never been unmasked, so it's not relevant.
Added, feel free to stabilize.
Please test and mark stable: =dev-libs/botan-1.10.16
Arches, please finish stabilizing hppa
Gentoo Security Padawan
(In reply to Aleksandr Wagner (Kivak) from bug#632104 comment#7)
> @Maintainer(s): Please clean the vulnerable versions from tree.
GLSA Vote: No