"unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related
to the randomness generator, which allows local users to cause a denial
of service by truncating the seed file, which prevents the server from
starting, or obtain sensitive seed information that could be used to
crack keys."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
security/lsh at 1.4.3.
lsh-2.0.1 has interoperability problems with openssh servers
(always gets "Invalid server signature" errors).
lsh-1.4.3 is not affected by CAN-2003-0826. Add a patch to address
CAN-2005-0814 and bump PKGREVISION.