===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.210
retrieving revision 1.211
diff -u -r1.210 -r1.211
--- www/errata.html	1999/12/08 01:34:20	1.210
+++ www/errata.html	1999/12/14 19:41:42	1.211
@@ -60,8 +60,10 @@
 <li><font color=#009000><strong>SECURITY FIX: Dec 2, 1999</strong></font><br>
 A buffer overflow in the RSAREF code included in the
 USA version of the libssl package (called <strong>sslUSA</strong>, is
-possibly exploitable in httpd, ssh, or isakmpd, if SSL/RSA features
+possibly exploitable in isakmpd if SSL/RSA features
 are enabled or used.<br>
+<a href=http://www.openssh.com>OpenSSH</a> and httpd (with -DSSL) are not
+vulnerable.<br>
 <strong>NOTE: International users using the ssl26 package are not affected.</strong>
 <p>
 To check what package you are using, use
@@ -224,7 +226,7 @@
 
 <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
 <a href=mailto:www@openbsd.org>www@openbsd.org</a>
-<br><small>$OpenBSD: errata.html,v 1.210 1999/12/08 01:34:20 deraadt Exp $</small>
+<br><small>$OpenBSD: errata.html,v 1.211 1999/12/14 19:41:42 deraadt Exp $</small>
 
 </body>
 </html>