Je regardais les nouveautés de la prochaine release d'OpenBSD (la 3.8) et parmi les nouveautés d'OpenSSH (4.2), on trouve ça :

Adds a new compression method that delays the start of zlib compression until the user has been authenticated successfully. The new method ("Compression delayed") is on by default in the server and eliminates the risk of any zlib vulnerability leading to a compromise of the server from unauthenticated users.

C'est un sale temps pour les mass-rooters :p