CVE-2016-0777 and CVE-2016-0778 in DragonFly There's two important security updates for SSH.  DragonFly release and development have been updated for it, and you can correct for it on your running system using the one-liner at Undeadly. Note: keep in mind this is a client bug - it's an information leak when you as a client connect out to somewhere else.  A server, as an endpoint, is not affected.