===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.408
retrieving revision 1.409
diff -u -r1.408 -r1.409
--- www/security.html	2014/04/08 16:39:01	1.408
+++ www/security.html	2014/04/09 20:36:50	1.409
@@ -234,6 +234,10 @@
 <li><a href="errata55.html#002_openssl">April 7, 2014:
 	Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
 	heartbeat extension (RFC6520) which can result in a leak of memory contents.</a>
+<li><a href="errata55.html#003_ftp">April 9, 2014: ftp(1) defect,
+	failure to check the server hostname when connecting to an https
+	website, allowing any trusted CA-signed certificate to impersonate
+	any other website.</a>
 </ul>
 
 <li><a name="54"></a>