Not sure if the one known 5.3 erratum should be listed there already, or only after the official release.
Index: security.html =================================================================== RCS file: /cvs/www/security.html,v retrieving revision 1.394 diff -u -r1.394 security.html --- security.html 18 Feb 2013 21:48:41 -0000 1.394 +++ security.html 25 Mar 2013 15:54:15 -0000 @@ -248,7 +248,18 @@ <p> <ul> -None yet! +<li><a href="errata52.html#001_bgpd">November 29, 2012: + Some other systems have started sending incorrect flags which cause + session failures in OpenBSD's bgpd, and cause it to propagate + incorrect updates. +<li><a href="errata52.html#002_bgpd">March 15, 2013: + A rare condition during session startup may cause bgpd to replace + an active session leading to unknown consequences. Bug found by + inspection (we do not know how to reproduce it, consider that a challenge). +<li><a href="errata52.html#003_tftpd">March 21, 2013: + A denial of services was discovered where certain combinations of + TFTP options could cause OACK generation to fail, which in turn + caused a double free in tftpd. </ul> <li>
