This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-10012: Fix pre-auth compression checks that could be optimized away . - CVE-2016-10708: Fix remote denial of service via an out-of-sequence NEWKEYSmessage . - CVE-2017-15906: Fix r/o sftp-server zero byte file creation . - CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 . Bug fixes: - bsc#1017099: Match conditions with uppercase hostnames fail - bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated - bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4