From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5107:
"The default configuration of OpenSSH through 6.1 enforces a fixed time limit
between establishing a TCP connection and completing a login, which makes it
easier for remote attackers to cause a denial of service (connection-slot
exhaustion) by periodically making many new TCP connections."
Integrate patches from upstream to enable "random early drop" by default./
Signed-off-by: Ross Burton <ross.burton@intel.com>
