1 files changed, 0 insertions, 44 deletions

diff --git a/0002-libssh2-1.8.0-CVE-2019-3856.patch b/0002-libssh2-1.8.0-CVE-2019-3856.patch
deleted file mode 100644
index 40c9e9b..0000000
--- a/0002-libssh2-1.8.0-CVE-2019-3856.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From cc573aafb6f4b24bce9b82f308e92b9723a73024 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Tue, 19 Mar 2019 13:22:24 +0100
-Subject: [PATCH] Resolves: CVE-2019-3856 - fix integer overflow in keyboard
- interactive handling
-
-... resulting in out of bounds write
-
-Upstream-Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
-
-I believe that:
-
-    `(session->userauth_kybd_num_prompts && session->userauth_kybd_num_prompts > 100)`
-
-... can be simplified as:
-
-    `(session->userauth_kybd_num_prompts > 100)`
-
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
----
- src/userauth.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/userauth.c b/src/userauth.c
-index cdfa25e..3946cf9 100644
---- a/src/userauth.c
-+++ b/src/userauth.c
-@@ -1734,6 +1734,13 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
-             /* int       num-prompts */
-             session->userauth_kybd_num_prompts = _libssh2_ntohu32(s);
-             s += 4;
-+            if(session->userauth_kybd_num_prompts && 
-+               session->userauth_kybd_num_prompts > 100) {
-+               _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
-+                              "Too many replies for "
-+                              "keyboard-interactive prompts");
-+               goto cleanup;
-+            }
- 
-             if(session->userauth_kybd_num_prompts) {
-                 session->userauth_kybd_prompts =
--- 
-2.17.2
-