ssh.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 passwords were left in memory using ssh keyboard-interactive auth

sshbn.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 cve-2013-4206
 Buffer underrun in modmul could corrupt the heap.

import.c | 2 1 + 1 - 0 !
sshdss.c | 7 6 + 1 - 0 !
sshrsa.c | 4 4 + 0 - 0 !
3 files changed, 11 insertions(+), 2 deletions(-)

 cve-2013-4852
 Negative string length in public-key signatures could cause integer
 overflow and overwrite all of memory.

sshbn.c | 71 63 + 8 - 0 !
sshdss.c | 44 35 + 9 - 0 !
sshrsa.c | 16 13 + 3 - 0 !
sshrsag.c | 4 4 + 0 - 0 !
4 files changed, 115 insertions(+), 20 deletions(-)

 cve-2013-4207
 Non-coprime values in DSA signatures can cause buffer overflow in modular
 inverse.

sshdss.c | 16 12 + 4 - 0 !
sshrsa.c | 2 2 + 0 - 0 !
2 files changed, 14 insertions(+), 4 deletions(-)

 cve-2013-4208
 Private keys were left in memory after being used by PuTTY tools.

import.c | 41 30 + 11 - 0 !
misc.c | 23 23 + 0 - 0 !
misc.h | 2 2 + 0 - 0 !
sftp.c | 2 1 + 1 - 0 !
ssh.c | 128 97 + 31 - 0 !
sshdss.c | 2 1 + 1 - 0 !
sshpubk.c | 2 1 + 1 - 0 !
sshrsa.c | 2 1 + 1 - 0 !
unix/uxagentc.c | 3 1 + 2 - 0 !
windows/winpgnt.c | 41 23 + 18 - 0 !
10 files changed, 180 insertions(+), 66 deletions(-)

 proactive potentially-security-relevant tightening
 Tighten up a lot of casts from unsigned to int which are read by one of the
 GET_32BIT macros and then used as length fields.  Missing bounds checks
 against zero have been added, and also I've introduced a helper function
 toint() which casts from unsigned to int in such a way as to avoid C
 undefined behaviour, since I'm not sure I trust compilers any more to do
 the obviously sensible thing.