This is a bugfix release, which is fairly important since it fixes a denial of service bug in lshd (and also in lsh, but that's probably of less importance).
News for the 2.0.1 release
Fixed denial of service bug in lshd.
Fixed a bug in lsh-make-seed, which could make the program go into an infinite loop on read errors.
lsh now asks for passwords also in quite (-q) mode, as described in the manual.
Control character filtering used to sometimes consider newline as a dangerous control character. Now newlines should be displayed normally.
Removed support for the non-standard alias "diffie-hellman-group2-sha1". The standardized name is for this key exchange method is "diffie-hellman-group14-sha1".
Since it's a small update, I'm also distributing a patch file. Available at
http://www.lysator.liu.se/~nisse/archive/lsh-2.0.1.tar.gz ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-2.0.1.tar.gz
http://www.lysator.liu.se/~nisse/archive/lsh-2.0-2.0.1.diff.gz ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-2.0-2.0.1.diff.gz
Regards, /Niels