Debian Security Advisory 1638-1 - It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability.
3dcd1c93684523b379aae5ed130ab55e469f477cb01b57983baa4faa0beb27f7