So, finaly, today, the advisory was released for FreeBSD: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:14.openssh.asc I'm disappointed in FreeBSD here, the advisory is really late. FreeBSD is supposed to be a secure OS, but it seems that FreeBSD is one of the last that releases the advisory and consequent fix. Still a lover of the OS, but the tempo could be ramped up a bit, or at least prioritised. Specially with these kind of things. I can imagine it takes some time to make a patch for this, but there was a very easy workaround available. Why not publish that right away?