===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata65.html,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- www/errata65.html	2019/11/21 21:01:42	1.18
+++ www/errata65.html	2019/12/04 11:11:35	1.19
@@ -297,6 +297,37 @@
 A source code patch exists which remedies this problem.</a>
 <p>
 
+<li id="p020_mesaxlock">
+<strong>020: SECURITY FIX: December 4, 2019</strong>
+&nbsp; <i>All architectures</i>
+<br>
+Environment-provided paths are used for dlopen() in mesa, resulting in
+escalation to the auth group in xlock(1).
+<br>
+<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.5/common/020_mesaxlock.patch.sig">
+A source code patch exists which remedies this problem.</a>
+<p>
+
+<li id="p021_libcauth">
+<strong>021: SECURITY FIX: December 4, 2019</strong>
+&nbsp; <i>All architectures</i>
+<br>
+libc's authentication layer performed insufficient username validation.
+<br>
+<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.5/common/021_libcauth.patch.sig">
+A source code patch exists which remedies this problem.</a>
+<p>
+
+<li id="p022_xenodm">
+<strong>022: SECURITY FIX: December 4, 2019</strong>
+&nbsp; <i>All architectures</i>
+<br>
+xenodm uses the libc authentication layer incorrectly.
+<br>
+<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.5/common/022_xenodm.patch.sig">
+A source code patch exists which remedies this problem.</a>
+<p>
+
 </ul>
 
 <hr>