Posted at LWN.net: "The OpenSSH daemon shipped with SuSE distributions contains various minor
bugs which allows bypassing of IP-access control in some circumstances or
the deletion of files named "cookies" if X11 forwarding is enabled.
It has also been verified that the recent remotely exploitable crc32 bug as
well as the logging-bug has been fixed in our latest ssh packages.
We strongly recommend to update to OpenSSH version 2.9.9p2."
December 4, 2001