===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata55.html,v
retrieving revision 1.14
retrieving revision 1.15
diff -c -r1.14 -r1.15
*** www/errata55.html	2014/05/02 17:43:48	1.14
--- www/errata55.html	2014/05/24 09:50:42	1.15
***************
*** 128,133 ****
--- 128,148 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
+ <li><a name="006_libXfont"></a>
+ <font color="#009000"><strong>006: SECURITY FIX: May 24, 2014</strong></font>
+ &nbsp; <i>All architectures with X server</i><br>
+ X Font Service Protocol & Font metadata file handling issues in libXfont
+ <ul>
+ <li>CVE-2014-0209: integer overflow of allocations in font metadata file parsing
+ <li>CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
+ <li>CVE-2014-0211: integer overflows calculating memory needs for xfs replies
+ </ul>
+ Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information.
+ <br>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/006_libXfont.patch.sig">
+ A source code patch exists which remedies this problem.</a>
+ <p>
+ 
  </ul>
  
  </body>