===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -c -r1.4 -r1.5
*** www/errata56.html	2014/10/19 21:08:19	1.4
--- www/errata56.html	2014/10/21 18:25:37	1.5
***************
*** 125,130 ****
--- 125,145 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
+ <li><a name="005_nosslv3"></a>
+ <font color="#009000"><strong>005: SECURITY FIX: October 20, 2014</strong></font>
+ &nbsp; <i>All architectures</i><br>
+ This patch disables the SSLv3 protocol by default.
+ <p>
+ <i>
+ Applications depending on SSLv3 may need to be recompiled with
+ <pre>    SSL_CTX_clear_option(ctx, SSL_OP_NO_SSLv3);</pre>
+ but we recommend against the continued use of this obsolete protocol.
+ </i>
+ <p>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/005_nosslv3.patch.sig">
+ A source code patch exists which remedies this problem.</a>
+ <p>
+ 
  </ul>
  
  </body>