FreeBSD Security Advisory - OpenSSH clients does not correctly verify DNS SSHFP records when a server offers a certificate. OpenSSH servers which are configured to allow password authentication using PAM (default) would allow many password attempts.
5a62702946b5a02f2793adee927547243f7fc23df83ae91a601fe9c2411fbd69