===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata58.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- www/errata58.html	2015/09/28 19:44:59	1.4
+++ www/errata58.html	2015/10/02 02:26:38	1.5
@@ -111,6 +111,25 @@
 A source code patch exists which remedies this problem.</a>
 <p>
 
+<li id="004_smtpd">
+<font color="#009000"><strong>004: SECURITY FIX: October 1, 2015</strong></font>
+&nbsp; <i>All architectures</i><br>
+Fix multiple reliability and security issues in smtpd:<br>
+<ul>
+<li>local and remote users could make smtpd crash or stop serving requests.
+<li>a buffer overflow in the unprivileged, non-chrooted smtpd (lookup)
+    process could allow a local user to cause a crash or potentially
+    execute arbitrary code.
+<li>a use-after-free in the unprivileged, non-chrooted smtpd (lookup)
+    process could allow a remote attacker to cause a crash or potentially
+    execute arbitrary code.
+<li>hardlink and symlink attacks allowed a local user to unset chflags or
+    leak the first line of an arbitrary file.
+</ul>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/004_smtpd.patch.sig">
+A source code patch exists which remedies this problem.</a>
+<p>
+
 </ul>
 
 <hr>