===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata58.html,v
retrieving revision 1.19
retrieving revision 1.20
diff -c -r1.19 -r1.20
*** www/errata58.html 2016/04/24 20:08:48 1.19
--- www/errata58.html 2016/05/03 14:37:57 1.20
***************
*** 218,223 ****
--- 218,241 ----
A source code patch exists which remedies this problem.
+
+ 013: SECURITY FIX: May 3, 2016
+ All architectures
+ Fix issues in the libcrypto library.
+ Refer to the OpenSSL advisory.
+
+ - Memory corruption in the ASN.1 encoder (CVE-2016-2108)
+
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+
- EVP_EncodeUpdate overflow (CVE-2016-2105)
+
- EVP_EncryptUpdate overflow (CVE-2016-2106)
+
- ASN.1 BIO excessive memory allocation (CVE-2016-2109)
+
+
+
+ A source code patch exists which remedies this problem.
+
+
+