It's all SSH problems last week, the open-ssh sources have got a little flaw that may be vulnerable for an exploit. The exploit doesn't exist yet, but everyone is busy fixing, especially because SSH is regarded as the safest way of communication.
I've done my share of patching also, and it wasn't easy finding the right libaries as I'm using e-smith version 5.1.2 . This article from the e-smith forum helped me finding the right files, but I've made some extra changes just to be sure. I've restricted the SSH access to certain ip-addresses. I've used the template mechanism for this, I copied the file 45AllowSSH from /etc/e-smith/templates/etc/rc.d/init.d/masq to /etc/e-smith/templates-custom/etc/rc.d/init.d/masq and changed the following: