Today I've heard about this OpenSSH vulnerability http://undeadly.org/cgi?action=article&sid=20160114142733
> the client code [...] could be tricked by a malicious server into leaking client memory to the server, including private client user keys. I believe all developers on this list use ssh and don't want to compromise their private keys, so letting you know :) Even if you connect only to trusted server you should consider fixing it on your systems anyway (see the link for how, it's easy)
