Comment 3 for bug 287256

This security vulnerability was discovered after the original release of hardy, and updated packages were issued long ago for all architectures, including powerpc. It sounds like you have not applied security updates to your system. The master archive shows;

  openssh-client | 1:4.7p1-8ubuntu1 | hardy | amd64, hppa, i386, ia64, lpia, powerpc, sparc
  openssh-client | 1:4.7p1-8ubuntu1.2 | hardy-security | amd64, hppa, i386, ia64, lpia, powerpc, sparc
  openssh-client | 1:4.7p1-8ubuntu1.2 | hardy-updates | amd64, hppa, i386, ia64, lpia, powerpc, sparc

Make sure that the following lines are in /etc/apt/sources.list:

  deb http://ports.ubuntu.com/ubuntu-ports hardy-security main restricted universe multiverse
  deb-src http://ports.ubuntu.com/ubuntu-ports hardy-security main restricted universe multiverse
  deb http://ports.ubuntu.com/ubuntu-ports hardy-updates main restricted universe multiverse
  deb-src http://ports.ubuntu.com/ubuntu-ports hardy-updates main restricted universe multiverse

Then press "Check" followed by "Install Updates" in System -> Administration -> Update Manager, or run 'sudo apt-get update' and 'sudo apt-get dist-upgrade', or whatever other upgrade method you prefer.

I don't know why your system wasn't already fixed. Perhaps you simply didn't apply security updates for some reason, or perhaps you ran into some installer bug that meant that hardy-security wasn't in sources.list (though I'm astonished that at least hardy-updates wasn't there). I am confident that all such installer bugs have been fixed by now, although of course this is one area where it's particularly difficult to issue updates effectively!