From $URL :
A denial of service flaw was found in the way the default server configuration of OpenSSH, an open
source implementation of SSH protocol versions 1 and 2, performed management of its connection
slot. A remote attacker could use this flaw to cause connection slot exhaustion on the server.
Relevant upstream patches:
the DoS can't be prevented, just [further] mitigated
The default configuration of OpenSSH through 6.1 enforces a fixed time limit
between establishing a TCP connection and completing a login, which makes it
easier for remote attackers to cause a denial of service (connection-slot
exhaustion) by periodically making many new TCP connections.
Default values from MaxStartups are correct in current stable openssh in Gentoo (net-misc/openssh-6.6_p1-r1), so I assume this is fixed.
Added this to existing GLSA draft
This issue was resolved and addressed in
GLSA 201405-06 at http://security.gentoo.org/glsa/glsa-201405-06.xml
by GLSA coordinator Mikle Kolyada (Zlogene).
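For checking a server against the mitigation discussed in this bug, the following added example (not code from this thread or from OpenSSH) models the `MaxStartups start:rate:full` admission rule as documented in sshd_config(5). The function names, the sample config and the `10:30:100` fallback are assumptions of this example, not values quoted in the bug; `Match` blocks and `Include` files are not handled.

```python
# Added example: audit MaxStartups and model sshd's early-drop rule.
# Names and sample data are constructed; semantics follow sshd_config(5).

def parse_max_startups(value):
    """Return (start, rate, full) from 'start:rate:full' or a single 'N'."""
    parts = value.strip().split(":")
    if len(parts) == 1:
        n = int(parts[0])
        return n, 100, n  # single number: hard cutoff, no early drop
    if len(parts) != 3:
        raise ValueError("expected N or start:rate:full, got %r" % value)
    start, rate, full = (int(p) for p in parts)
    if start < 1 or not 1 <= rate <= 100 or full < start:
        raise ValueError("out-of-range MaxStartups %r" % value)
    return start, rate, full

def drop_percent(value, unauthenticated):
    """Percent chance a new connection is refused at this backlog size."""
    start, rate, full = parse_max_startups(value)
    if unauthenticated < start:
        return 0
    if unauthenticated >= full or rate == 100:
        return 100
    # Linear ramp from `rate` at `start` up to 100 at `full`.
    return rate + (100 - rate) * (unauthenticated - start) // (full - start)

def effective_max_startups(config_text, default="10:30:100"):
    """First uncommented MaxStartups line wins; else the assumed default."""
    for line in config_text.splitlines():
        tokens = line.split()
        if len(tokens) >= 2 and tokens[0].lower() == "maxstartups":
            return tokens[1]
    return default

# Constructed sample config: the early-drop form is commented out.
SAMPLE_CONFIG = """\
Port 22
#MaxStartups 10:30:100
MaxStartups 10
"""

if __name__ == "__main__":
    setting = effective_max_startups(SAMPLE_CONFIG)
    for backlog in (5, 10, 55, 100):
        print(setting, backlog, drop_percent(setting, backlog),
              "| early-drop form:", drop_percent("10:30:100", backlog))
```

With a single-number setting every slot up to the limit can be held by unauthenticated connections until the login time limit expires; the three-field form starts refusing a share of new connections earlier, which mitigates but does not prevent the exhaustion.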