diff options
Diffstat (limited to '0007-libssh2-1.8.0-CVE-2019-3861.patch')
-rw-r--r-- | 0007-libssh2-1.8.0-CVE-2019-3861.patch | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/0007-libssh2-1.8.0-CVE-2019-3861.patch b/0007-libssh2-1.8.0-CVE-2019-3861.patch deleted file mode 100644 index d40bb71..0000000 --- a/0007-libssh2-1.8.0-CVE-2019-3861.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 77bc71f4ca2949a11110092034dd0705faa6d7b5 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka <kdudka@redhat.com> -Date: Tue, 19 Mar 2019 13:43:34 +0100 -Subject: [PATCH] Resolves: CVE-2019-3861 - fix out-of-bounds reads with - specially crafted SSH packets - -Upstream-Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch ---- - src/transport.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/transport.c b/src/transport.c -index 5349284..6224c4f 100644 ---- a/src/transport.c -+++ b/src/transport.c -@@ -442,6 +442,9 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) - } - - p->padding_length = block[4]; -+ if ( p->padding_length > p->packet_length - 1 ) { -+ return LIBSSH2_ERROR_DECRYPT; -+ } - - /* total_num is the number of bytes following the initial - (5 bytes) packet length and padding length fields */ --- -2.17.2 - |