heh. I was going to post this earlier but I didn't have a proper write up for it.
Ditto. I didn't have the files up on the mirrors yet either.
The OpenSSH hole is annoying as hell. It means that everybody has to suddenly go out and patch/upgrade untold numbers of systems as normally the SSH port would be open.
If you've not got enough time then firewalling the SSH port and only allowing authorised IP addresses (static only though!) to connect should mitigate some of the risk but it's best to upgrade still.
Yep, big pain in the butt. Every one of my machines has SSH on it, eesh. So far I've got all but three of them patched/upgraded.