===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- www/errata56.html	2015/04/30 19:36:17	1.26
+++ www/errata56.html	2015/04/30 19:49:23	1.27
@@ -337,6 +337,31 @@
   A source code patch exists which remedies this problem.</a>
 <p>
 
+<li id="023_elf">
+<font color="#009000"><strong>022: SECURITY FIX: April 30, 2015</strong></font>
+&nbsp; <i>All architectures</i><br>
+Malformed binaries could trigger kernel panics or view kernel memory.
+<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/023_elf.patch.sig">
+  A source code patch exists which remedies this problem.</a>
+<p>
+
+<li id="024_tar">
+<font color="#009000"><strong>022: SECURITY FIX: April 30, 2015</strong></font>
+&nbsp; <i>All architectures</i><br>
+Multiple issues in tar/pax/cpio:
+<ul>
+<li>extracting a malicious archive could create files outside of
+the current directory without using pre-existing symlinks to 'escape',
+and could change the timestamps and modes on preexisting files
+<li>tar without -P would permit extraction of paths with ".." components
+<li>there was a buffer overflow in the handling of pax extension headers
+</ul>
+<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/024_tar.patch.sig">
+  A source code patch exists which remedies this problem.</a>
+<p>
+
 </ul>
 
 <hr>