===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.22
retrieving revision 1.23
diff -c -r1.22 -r1.23
*** www/errata56.html 2015/03/18 08:02:48 1.22
--- www/errata56.html 2015/03/19 14:25:37 1.23
***************
*** 285,291 ****
A source code patch exists which remedies this problem.
!
019: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
--- 285,291 ----
A source code patch exists which remedies this problem.
!
019: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
***************
*** 294,299 ****
--- 294,318 ----
X.org advisory.
+ A source code patch exists which remedies this problem.
+
+
+
+ 020: SECURITY FIX: March 19, 2015
+ All architectures
+ Fix several crash causing defects from OpenSSL.
+ These include:
+ CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+ CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+ CVE-2015-0287 - ASN.1 structure reuse memory corruption
+ CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+ CVE-2015-0289 - PKCS7 NULL pointer dereferences
+
+ Several other issues did not apply or were already fixed.
+ For more information, see the
+ OpenSSL advisory.
+
+
A source code patch exists which remedies this problem.