Ars Technica

I'm upgrading OpenSSH... but what version?

Alright, I have never upgraded OpenSSH, however, with the latest vulnerabilities, I want to upgrade it finally and I'm not sure whether to upgrade to 2.3.0 as O'Reily reccomends, or 3.0 (highest on ...
CSOonline

OpenSSH fixes flaws that enable man-in-the-middle, DoS attacks

Researchers from Qualys found two vulnerabilities that can be combined to bypass the server key verification in OpenSSH clients when the VerifyHostKeyDNS is used, allowing man-in-the-middle attackers ...
CSOonline

OpenSSH vulnerability regreSSHion puts millions of servers at risk

Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them ...