Ubuntu Security Notice USN-3795-3

Ubuntu Security Notice 3795-3 – USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem. Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.

Link: https://packetstormsecurity.com/files/150520/USN-3795-3.txt