The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. This can be used to easily crash applicatons reading untrusted ASN.1 data, but does not seem exploitable for code execution. External references: http://botan.randombit.net/security.html
CVE-2015-5726 has been fixed in 1.8.15 and 1.10.10. As of today, we have: el5: botan-1.8.15-1 el6: botan-1.8.15-1 epel7: botan-1.10.12-1 f22: botan-1.10.12-1 f23: botan-1.10.12-1 f24: botan-1.10.12-1 master: botan-1.10.12-1 So this bug can be closed imho.