From dd970dbaa54620609df5d95263a5b79b6551d07d Mon Sep 17 00:00:00 2001
From: Garrett Honeycutt <code@garretthoneycutt.com>
Date: Sun, 17 Jan 2016 13:12:26 -0500
Subject: [PATCH] Add CVE-2016-0777 and CVE-2016-0778 information to README

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a27f81f..189a8c8 100644
--- a/README.md
+++ b/README.md
@@ -342,7 +342,11 @@ This module sets this option to 'yes' on Linux and undef on Solaris.
 
 ssh_config_use_roaming
 ----------------------
-String to enable or disable UseRoaming in client configuration ssh_config. Valid values are 'yes', 'no' and 'unset'. Using 'unset' will not use (print) this configuration parameter at all. Default is set to 'no' on Linux and 'unset' on Solaris.
+String to enable or disable UseRoaming in client configuration ssh_config.
+Valid values are 'yes', 'no' and 'unset'. Using 'unset' will not use (print)
+this configuration parameter at all. Default is set to 'no' on Linux and
+'unset' on Solaris. If you have OpenSSH >= version 5.4, this should be set to
+'no' to mitigate CVE-2016-0777 and CVE-2016-0778.
 
 - *Default*: 'USE_DEFAULTS'