> potentially nasty, because it affects a part of OpenSSH that's running with reduced privileges
Er... Shurely it's less potentially nasty than a bug in root-priveleged code? The snippet from the Debian guy seems to agree ..
> "although this is a high-severity bug, it's running in a process with separated privilges. This means that the affected code is running like an ordinary user account, not an administrative account, so the potential attack is more limited."