Andreas Schneider reported that libssh2, a SSH2 client-side library,
passes the number of bytes to a function that expects number of bits
during the SSHv2 handshake when libssh2 is to get a suitable value for
group order in the Diffie-Hellman negotiation. This weakens
significantly the handshake security, potentially allowing an
eavesdropper with enough resources to decrypt or intercept SSH sessions.