--- openssh-5.3p1.orig/auth2-jpake.c	2009-06-21 11:50:08.000000000 +0200
+++ openssh-5.3p1/auth2-jpake.c	2009-12-05 12:10:19.000000000 +0100
@@ -173,7 +173,7 @@ derive_rawsalt(const char *username, u_c
 		fatal("%s: not enough bytes for rawsalt (want %u have %u)",
 		    __func__, len, digest_len);
 	memcpy(rawsalt, digest, len);
-	bzero(digest, digest_len);
+	memset(digest, 0, digest_len);
 	xfree(digest);
 }
 
@@ -198,10 +198,10 @@ makesalt(u_int want, const char *user)
 		fatal("%s: want %u", __func__, want);
 
 	derive_rawsalt(user, rawsalt, sizeof(rawsalt));
-	bzero(ret, sizeof(ret));
+	memset(ret, 0, sizeof(ret));
 	for (i = 0; i < want; i++)
 		ret[i] = pw_encode64(rawsalt[i]);
-	bzero(rawsalt, sizeof(rawsalt));
+	memset(rawsalt, 0, sizeof(rawsalt));
 
 	return ret;
 }
@@ -355,7 +355,7 @@ auth2_jpake_get_pwdata(Authctxt *authctx
 	debug3("%s: scheme = %s", __func__, *hash_scheme);
 	JPAKE_DEBUG_BN((*s, "%s: s = ", __func__));
 #endif
-	bzero(secret, secret_len);
+	memset(secret, 0, secret_len);
 	xfree(secret);
 }
 
@@ -396,12 +396,12 @@ auth2_jpake_start(Authctxt *authctxt)
 	packet_send();
 	packet_write_wait();
 
-	bzero(hash_scheme, strlen(hash_scheme));
-	bzero(salt, strlen(salt));
+	memset(hash_scheme, 0, strlen(hash_scheme));
+	memset(salt, 0, strlen(salt));
 	xfree(hash_scheme);
 	xfree(salt);
-	bzero(x3_proof, x3_proof_len);
-	bzero(x4_proof, x4_proof_len);
+	memset(x3_proof, 0, x3_proof_len);
+	memset(x4_proof, 0, x4_proof_len);
 	xfree(x3_proof);
 	xfree(x4_proof);
 
@@ -448,8 +448,8 @@ input_userauth_jpake_client_step1(int ty
 	    &pctx->b,
 	    &x4_s_proof, &x4_s_proof_len));
 
-	bzero(x1_proof, x1_proof_len);
-	bzero(x2_proof, x2_proof_len);
+	memset(x1_proof, 0, x1_proof_len);
+	memset(x2_proof, 0, x2_proof_len);
 	xfree(x1_proof);
 	xfree(x2_proof);
 
@@ -463,7 +463,7 @@ input_userauth_jpake_client_step1(int ty
 	packet_send();
 	packet_write_wait();
 
-	bzero(x4_s_proof, x4_s_proof_len);
+	memset(x4_s_proof, 0, x4_s_proof_len);
 	xfree(x4_s_proof);
 
 	/* Expect step 2 packet from peer */
@@ -504,7 +504,7 @@ input_userauth_jpake_client_step2(int ty
 	    &pctx->k,
 	    &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len));
 
-	bzero(x2_s_proof, x2_s_proof_len);
+	memset(x2_s_proof, 0, x2_s_proof_len);
 	xfree(x2_s_proof);
 
 	if (!use_privsep)