A bug has been found in OpenSSH’s buffer handling where a buffer could
be marked as grown when the actual reallocation failed.
DSA-382-2:
This advisory is an addition to the earlier DSA-382-1 advisory: two more
buffer handling problems have been found in addition to the one
described in DSA-382-1. It is not known if these bugs are exploitable,
but as a precaution an upgrade is advised.
DSA-382-3:
This advisory is an addition to the earlier DSA-382-1 and DSA-382-2
advisories: Solar Designer found four more bugs in OpenSSH that may be
exploitable.
For the Debian stable distribution (woody) these bugs have been fixed
in version
1:3.4p1-1.woody.3.