===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.25
retrieving revision 1.26
diff -c -r1.25 -r1.26
*** www/errata54.html	2014/05/02 17:43:48	1.25
--- www/errata54.html	2014/05/24 09:50:42	1.26
***************
*** 177,182 ****
--- 177,196 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
+ <li><a name="010_libXfont"></a>
+ <font color="#009000"><strong>010: SECURITY FIX: May 24, 2014</strong></font>
+ &nbsp; <i>All architectures with X server</i><br>
+ X Font Service Protocol & Font metadata file handling issues in libXfont
+ <ul>
+ <li>CVE-2014-0209: integer overflow of allocations in font metadata file parsing
+ <li>CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
+ <li>CVE-2014-0211: integer overflows calculating memory needs for xfs replies
+ </ul>
+ Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information.
+ <br>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/010_libXfont.patch">
+ A source code patch exists which remedies this problem.</a>
+ <p>
  </ul>
  
  </body>