On Thu, 27 Jul 2017, Adam Weremczuk wrote:
These are the vulnerability I'm referring to and they have been addressed in
OpenSSH versions 6.6 and 7.2p2:
That’s *upstream* version numbers. As Roberto said, the LTS team
will take those changes (and *only* those security-related fixes),
backport them to the old wheezy version and upload that regularily
to the wheezy-security suite.
So, just use these packages. They bear an old *upstream* version
number and lack the new *upstream* features, but they have all
the security fixes backported.
bye,
//mirabilos