ssh v1.2.26 for qnx v4.2x - how to update/patch it?

I’ve got and I’m
reading http:// security advisory
regarding CVE-2001-0144.

The patch provided in the advisory refers to the ssh v1.2.31.

What do you think, is it “enough” to apply the patch to the deattack.c
(which needs it in v1.2.26) to
be a bit safer?
Where can I get all the intermediate steps to bring v1.2.26 port to the
latest version?