===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata57.html,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- www/errata57.html 2015/03/18 15:01:44 1.3
+++ www/errata57.html 2015/03/19 14:25:37 1.4
@@ -110,6 +110,25 @@
A source code patch exists which remedies this problem.
+
+003: SECURITY FIX: March 19, 2015
+ All architectures
+Fix several crash causing defects from OpenSSL.
+These include:
+CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+CVE-2015-0287 - ASN.1 structure reuse memory corruption
+CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+CVE-2015-0289 - PKCS7 NULL pointer dereferences
+
+Several other issues did not apply or were already fixed.
+For more information, see the
+OpenSSL advisory.
+
+
+A source code patch exists which remedies this problem.
+
+