http://www.openssh.com/report.html *patches and notes regarding OpenSSH* points to http://www.openbsd.org/errata.html
Shouldn't there be seperate errata for openssh? If not, I should see there recent DoS security vulns that has been fixed in 4.4, but I don't see them there. Is there one place to track OpenSSH security history?