OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.

A flaw was found in the SSH protocol. An attacker able to perform a man-in-the-middle attack may be able to obtain a portion of plain text from an arbitrary ciphertext block when a CBC mode cipher was used to encrypt SSH communication. This update helps mitigate this attack: OpenSSH clients and servers now prefer CTR mode ciphers to CBC mode, and the OpenSSH server now reads SSH packets up to their full possible length when corruption is detected, rather than reporting errors early, reducing the possibility of successful plain text recovery. (CVE-2008-5161)

This update also fixes the following bug:

In addition, this update adds the following enhancements:

All OpenSSH users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues and add these enhancements. After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.
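
The new CTR-before-CBC preference only applies where the default cipher list is in use; an explicit `Ciphers` directive in `ssh_config` or `sshd_config` overrides it. The following Python check is an added example, not part of the advisory or of the OpenSSH packages, that classifies such a directive. The function names, status labels and sample configuration are constructed for illustration.

```python
# Constructed sample configuration, not taken from the advisory.
SAMPLE_CONFIG = """\
# local overrides
Port 22
Ciphers aes128-cbc,3des-cbc,aes128-ctr,aes256-ctr
"""


def parse_ciphers(config_text):
    """Return the value list of the first Ciphers directive, or None if unset."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = line.replace("=", " ", 1).split(None, 1)
        # Keywords are case-insensitive and the first value found is used.
        if len(parts) == 2 and parts[0].lower() == "ciphers":
            return [c.strip() for c in parts[1].split(",") if c.strip()]
    return None


def is_cbc(name):
    # Covers names such as aes128-cbc and rijndael-cbc@lysator.liu.se.
    return name.split("@", 1)[0].endswith("-cbc")


def audit_ciphers(config_text):
    """Return (status, cbc_names). Status is one of:
    'default'   no explicit list, package defaults apply
    'relative'  list starts with +, - or ^ and edits the defaults (not evaluated)
    'no-cbc'    explicit list without CBC ciphers
    'ctr-first' every CTR cipher is listed before the first CBC cipher
    'cbc-ahead' a CBC cipher precedes a CTR cipher, or no CTR cipher is offered
    """
    ciphers = parse_ciphers(config_text)
    if not ciphers:
        return ("default", [])
    if ciphers[0][0] in "+-^":
        return ("relative", [])
    cbc = [c for c in ciphers if is_cbc(c)]
    if not cbc:
        return ("no-cbc", [])
    ctr_idx = [i for i, c in enumerate(ciphers) if c.endswith("-ctr")]
    first_cbc = min(i for i, c in enumerate(ciphers) if is_cbc(c))
    # RFC 4253: the first cipher on the client's list that the server also
    # offers is chosen, so list order matters most in client configuration.
    if ctr_idx and max(ctr_idx) < first_cbc:
        return ("ctr-first", cbc)
    return ("cbc-ahead", cbc)


if __name__ == "__main__":
    print(audit_ciphers(SAMPLE_CONFIG))
```

A `cbc-ahead` result on a patched system means the local configuration is undoing the ordering this update introduces.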