===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.408
retrieving revision 1.409
diff -c -r1.408 -r1.409
*** www/security.html	2014/04/08 16:39:01	1.408
--- www/security.html	2014/04/09 20:36:50	1.409
***************
*** 234,239 ****
--- 234,243 ----
  <li><a href="errata55.html#002_openssl">April 7, 2014:
  	Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
  	heartbeat extension (RFC6520) which can result in a leak of memory contents.</a>
+ <li><a href="errata55.html#003_ftp">April 9, 2014: ftp(1) defect,
+ 	failure to check the server hostname when connecting to an https
+ 	website, allowing any trusted CA-signed certificate to impersonate
+ 	any other website.</a>
  </ul>
  
  <li><a name="54"></a>