o Fix OpenSSH xauth(1) command injection. [SA-16:14]
o Fix incorrect argument validation in sysarch(2). [SA-16:15]

Security: FreeBSD-SA-16:14.openssh-xauth, CVE-2016-3115
Security: FreeBSD-SA-16:15.sysarch, CVE-2016-1885
Approved by: so