The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server.
An unspecified heap vulnerability was discovered in stunnel.
The vulnerability may possibly be leveraged to perform remote code execution or a Denial of Service attack.
There is no known workaround at this time.
All stunnel 4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/stunnel-4.44"