===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.409
retrieving revision 1.410
diff -u -r1.409 -r1.410
--- www/security.html	2014/04/09 20:36:50	1.409
+++ www/security.html	2014/04/12 17:39:57	1.410
@@ -238,6 +238,9 @@
 	failure to check the server hostname when connecting to an https
 	website, allowing any trusted CA-signed certificate to impersonate
 	any other website.</a>
+<li><a href="errata55.html#004_openssl">April 12, 2014:
+	A use-after-free race condition in OpenSSL's read buffer may permit
+	an attacker to inject data from one connection into another.</a>
 </ul>
 
 <li><a name="54"></a>
@@ -261,6 +264,9 @@
 <li><a href="errata54.html#007_openssl">April 7, 2014:
 	Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
 	heartbeat extension (RFC6520) which can result in a leak of memory contents.</a>
+<li><a href="errata54.html#008_openssl">April 12, 2014:
+	A use-after-free race condition in OpenSSL's read buffer may permit
+	an attacker to inject data from one connection into another.</a>
 </ul>
 
 <li><a name="53"></a>
@@ -284,6 +290,9 @@
 <li><a href="errata53.html#014_openssl">April 7, 2014:
 	Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
 	heartbeat extension (RFC6520) which can result in a leak of memory contents.</a>
+<li><a href="errata54.html#015_openssl">April 12, 2014:
+	A use-after-free race condition in OpenSSL's read buffer may permit
+	an attacker to inject data from one connection into another.</a>
 </ul>
 
 <br><p><b>