OpenSSH could be made to expose sensitive information over the network.
It was discovered that the OpenSSH client experimental support for resuming connections contained multiple security issues. A malicious server could use this issue to leak client memory to the server, including private client user keys.
14 January 2016
A security issue affects these releases of Ubuntu and its derivatives:
OpenSSH could be made to expose sensitive information over the network.
It was discovered that the OpenSSH client experimental support for resuming connections contained multiple security issues. A malicious server could use this issue to leak client memory to the server, including private client user keys.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.