Doc updates
diff --git a/ChangeLog b/ChangeLog
index e5fdd6b..26adf6e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,6 +25,7 @@
Niels Kristian Bech Jensen <nkbj@image.dk>
- Solaris fixing, thanks to Ben Taylor <bent@clark.net>
- Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com>
+ - Release 1.2pre15
19991124
- Merged very large OpenBSD source code reformat
diff --git a/UPGRADING b/UPGRADING
index b1c0b9d..f9732cf 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -33,3 +33,15 @@
logging options "SyslogFacility" and "LogLevel". See the sshd manual
page for details.
+4. Warning messages about key lengths
+
+Commercial SSH's ssh-keygen program contained a bug which caused it to
+occasionally generate RSA keys which had their Most Significant Bit
+(MSB) unset. Such keys were advertised as being full-length, but are
+actually only half as secure.
+
+OpenSSH will print warning messages when it encounters such keys. To
+rid yourself of these message, edit you known_hosts files and replace
+the incorrect key length (usually "1024") with the correct key length
+(usually "1023").
+
