openssh was updated to fix three security issues. These security issues were fixed: - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the do_authenticated1 and session_x11_req functions . - CVE-2016-1908: Possible fallback from untrusted to trusted X11 forwarding . - CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes . These non-security issues were fixed: - Correctly parse GSSAPI KEX algorithms - More verbose FIPS mode/CC related documentation in README.FIPS - Fix PRNG re-seeding - Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option - Allow empty Match blocks