Several bugs have been found in OpenSSH’s buffer handling. It is not
known if these bugs are exploitable, but as a precaution an upgrade is
advised.
DSA-383-2:
This advisory is an addition to the earlier DSA-383-1 advisory: Solar
Designer found four more bugs in OpenSSH that may be exploitable.
For the Debian stable distribution these bugs have been fixed in version
1:3.4p1-0woody4.
We recommend that you update your ssh-krb5 package.