=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.409 retrieving revision 1.410 diff -c -r1.409 -r1.410 *** www/security.html 2014/04/09 20:36:50 1.409 --- www/security.html 2014/04/12 17:39:57 1.410 *************** *** 238,243 **** --- 238,246 ---- failure to check the server hostname when connecting to an https website, allowing any trusted CA-signed certificate to impersonate any other website. +
  • April 12, 2014: + A use-after-free race condition in OpenSSL's read buffer may permit + an attacker to inject data from one connection into another.
  • *************** *** 261,266 **** --- 264,272 ----
  • April 7, 2014: Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents. +
  • April 12, 2014: + A use-after-free race condition in OpenSSL's read buffer may permit + an attacker to inject data from one connection into another.
  • *************** *** 284,289 **** --- 290,298 ----
  • April 7, 2014: Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents. +
  • April 12, 2014: + A use-after-free race condition in OpenSSL's read buffer may permit + an attacker to inject data from one connection into another.
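Review bot: in the first hunk (238,246) the new April 12 item is placed directly after the entry about the missing https hostname check, while in the other two hunks it follows the April 7 heartbeat entry. The context lines do not show the date of that preceding entry, so please confirm the item sits in the intended release section and keeps that list in date order, as it does in the hunks at 264,272 and 290,298.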
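Review bot: the item text added at 264,272 and 290,298 is less specific than the entry just above it. The April 7 entry names the affected feature (the TLS/DTLS heartbeat extension, RFC6520), but the new one says only "OpenSSL's read buffer" and gives no hint of when the race can occur. Consider adding the condition under which the buffer is freed and reused, so a reader can tell whether their setup is exposed. The same three lines are now pasted into three sections, so any later wording fix has to be made in all three copies.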