LinuxSecurity.com has posted the Trustix announcement for that OpenSSH issue: "Depending on the order of the user keys in ~/.ssh/authorized_keys2
sshd might fail to apply the source IP based access control
restriction (e.g. from="10.0.0.1") to the correct key. Users can circumvent the system policy and login from disallowed
source IP addresses."
October 17, 2001