===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata59.html,v
retrieving revision 1.7
retrieving revision 1.8
diff -c -r1.7 -r1.8
*** www/errata59.html	2016/05/01 13:32:35	1.7
--- www/errata59.html	2016/05/03 14:37:57	1.8
***************
*** 128,133 ****
--- 128,149 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
+ <li id="005_crypto">
+ <font color="#009000"><strong>005: SECURITY FIX: May 3, 2016</strong></font>
+ &nbsp; <i>All architectures</i><br>
+ Fix issues in the libcrypto library.
+ Refer to <a href="https://www.openssl.org/news/secadv/20160503.txt">the advisory</a>.
+ <ul>
+ <li>Memory corruption in the ASN.1 encoder (CVE-2016-2108)
+ <li>Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+ <li>EVP_EncodeUpdate overflow (CVE-2016-2105)
+ <li>EVP_EncryptUpdate overflow (CVE-2016-2106)
+ <li>ASN.1 BIO excessive memory allocation (CVE-2016-2109)
+ </ul>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig">
+ A source code patch exists which remedies this problem.</a>
+ <p>
+ 
  </ul>
  
  <hr>