This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-8858: prevent resource depletion during key exchange - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation - CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication Non security issues fixed: - Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists - fix suggested command for removing conflicting server keys from the known_hosts file