Munki pkginfo to solve CVE-0216-0777 and CVE-0216-0778

turn-ssh-roaming-off

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>_metadata</key>
	<dict>
		<key>created_by</key>
		<string>itadmn</string>
		<key>creation_date</key>
		<date>2016-01-15T14:29:44Z</date>
		<key>munki_version</key>
		<string>2.4.0.2561</string>
		<key>os_version</key>
		<string>10.9.5</string>
	</dict>
	<key>autoremove</key>
	<false/>
	<key>catalogs</key>
	<array>
		<string>production</string>
	</array>
	<key>category</key>
	<string>Config</string>
	<key>installer_type</key>
	<string>nopkg</string>
	<key>installcheck_script</key>
	<string>#!/bin/bash
# If OS version is 10.11 or higher, there is an SSH folder.
if [[ $(sw_vers -productVersion | awk -F. '{print $2}') -ge 11 ]]; then
    CONFIG="/etc/ssh/ssh_config"
else
    CONFIG="/etc/ssh_config"
fi

[[ ! $(awk 'f{print;f=0;exit} /Host \*/{f=1;}' $CONFIG | xargs) == "UseRoaming no" ]]
</string>
	<key>minimum_os_version</key>
	<string>10.4.0</string>
	<key>name</key>
	<string>turn-ssh-roaming-off</string>
	<key>postinstall_script</key>
	<string>#!/bin/bash
if [[ $(sw_vers -productVersion | awk -F. '{print $2}') -ge 11 ]]; then
    CONFIG="/etc/ssh/ssh_config"
else
    CONFIG="/etc/ssh_config"
fi

# In testing, we were unable to update in place; so copy then move.
awk '/\s*Host \*/{print;print "   UseRoaming no";next}1' $CONFIG &gt; ${CONFIG}_temp
mv ${CONFIG}_temp $CONFIG</string>
	<key>unattended_install</key>
	<true/>
	<key>version</key>
	<string>1.1.0</string>
</dict>
</plist>