from the super-security-fixes dept.
"Please put up a post about the latest two patches, 007 and 008. It's a bit of a botch that those pathces first appeared on openbsd.org/errata.html today, although they were issued four days ago. Because it is not the first time errata.html is late to inform of new patches, I usually rely on deadly.org to inform me of new patches."
The text from
The use of certain ASN.1 encodings or malformed public keys may allow an attacker to mount a denial of service attack against applications linked with ssl(3). This does not affect OpenSSH.