Errata overview
Errata ID 93
Date 2014-04-16
Source package openssh
Fixed in version 5.5p1-6.46.201404071521
Two vulnerabilities were found in OpenSSH:
* The AcceptEnv option was misparsed if it contained a wildcard (CVE-2014-2532)
* OpenSSH offers a feature to retrieve SSH hostkeys from DNS called SSHFP (not enabled in 
  UCS by default). If the clients rejected the host certificate of a SSHFP-enabled server,
  then no SSHFP record was fetched from DNS (CVE-2014-2653)
Additional notes This update fixes these vulnerabilities.
CVE ID CVE-2014-2532