Fixes:
CVE-2016-0777 - Client Information leak from use of roaming connection
feature.
CVE-2016-0778 - A buffer overflow flaw was found in the way the OpenSSH
client roaming feature was implemented. A malicious server could
potentially use this flaw to execute arbitrary code on a successfully
authenticated OpenSSH client if that client used certain non-default
configuration options.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: James Knight <james.knight@rockwellcollins.com>
Tested-by: James Knight <james.knight@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2ff0e32e25