Add missing `<p>'s in Apache-SSL entry.

1 files changed, 4 insertions, 4 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 67041da3e9ac..2d4cfa5686c0 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -70,15 +70,15 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
       <body xmlns="http://www.w3.org/1999/xhtml">
 	<p>From the Apache-SSL security advisory:</p>
 	<blockquote>
-          If configured with SSLVerifyClient set to 1 or 3 (client
+	  <p>If configured with SSLVerifyClient set to 1 or 3 (client
           certificates optional) and SSLFakeBasicAuth, Apache-SSL
           1.3.28+1.52 and all earlier versions would permit a
           client to use real basic authentication to forge a client
-          certificate.
+	  certificate.</p>
 
-          All the attacker needed is the "one-line DN" of a valid
+	  <p>All the attacker needed is the "one-line DN" of a valid
           user, as used by faked basic auth in Apache-SSL, and the
-          fixed password ("password" by default).
+	  fixed password ("password" by default).</p>
 	</blockquote>
       </body>
     </description>