===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.22
retrieving revision 1.23
diff -c -r1.22 -r1.23
*** www/errata56.html	2015/03/18 08:02:48	1.22
--- www/errata56.html	2015/03/19 14:25:37	1.23
***************
*** 285,291 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="023_libxfont">
  <font color="#009000"><strong>019: SECURITY FIX: March 18, 2015</strong></font>
  &nbsp; <i>All architectures</i><br>
  Buffer overflows in libXfont
--- 285,291 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="019_libxfont">
  <font color="#009000"><strong>019: SECURITY FIX: March 18, 2015</strong></font>
  &nbsp; <i>All architectures</i><br>
  Buffer overflows in libXfont
***************
*** 294,299 ****
--- 294,318 ----
  <a href="http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/">X.org advisory</a>.
  <br>
  <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/019_libxfont.patch.sig">
+ A source code patch exists which remedies this problem.</a>
+ <p>
+ 
+ <li id="020_openssl">
+ <font color="#009000"><strong>020: SECURITY FIX: March 19, 2015</strong></font>
+ &nbsp; <i>All architectures</i><br>
+ Fix several crash causing defects from OpenSSL.<br>
+ These include:<br>
+ CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error<br>
+ CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp<br>
+ CVE-2015-0287 - ASN.1 structure reuse memory corruption<br>
+ CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref<br>
+ CVE-2015-0289 - PKCS7 NULL pointer dereferences<br>
+ <br>
+ Several other issues did not apply or were already fixed.<br>
+ For more information, see the
+ <a href="https://www.openssl.org/news/secadv_20150319.txt">OpenSSL advisory</a>.
+ <br>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/020_openssl.patch.sig">
  A source code patch exists which remedies this problem.</a>
  <p>