===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata60.html,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- www/errata60.html 2016/09/17 21:37:44 1.7
+++ www/errata60.html 2016/09/22 18:57:02 1.8
@@ -155,6 +155,41 @@
A source code patch exists which remedies this problem.
+
+
+007: RELIABILITY FIX: September 22, 2016
+ All architectures
+
+Revert change that cleans up the EVP cipher context in EVP_EncryptFinal()
+and EVP_DecryptFinal(). Some software relies on the previous behaviour.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+008: RELIABILITY FIX: September 22, 2016
+ All architectures
+
+Avoid unbounded memory growth in libssl, which can be triggered by a TLS
+client repeatedly renegotiating and sending OCSP Status Request TLS extensions.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+009: SECURITY FIX: September 22, 2016
+ All architectures
+
+Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
+
+
+A source code patch exists which remedies this problem.
+
+