1 files changed, 0 insertions, 42 deletions

diff --git a/debian/patches/0001-Drop-too-short-control-channel-packets-instead-of-as.patch b/debian/patches/0001-Drop-too-short-control-channel-packets-instead-of-as.patch
deleted file mode 100644
index 0c80ee0..0000000
--- a/debian/patches/0001-Drop-too-short-control-channel-packets-instead-of-as.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From c5590a6821e37f3b29735f55eb0c2b9c0924138c Mon Sep 17 00:00:00 2001
-From: Steffan Karger <steffan.karger@fox-it.com>
-Date: Thu, 20 Nov 2014 13:43:05 +0100
-Subject: [PATCH] Drop too-short control channel packets instead of asserting
- out.
-
-This fixes a denial-of-service vulnerability where an authenticated client
-could stop the server by triggering a server-side ASSERT().
-
-OpenVPN would previously ASSERT() that control channel packets have a
-payload of at least 4 bytes. An authenticated client could trigger this
-assert by sending a too-short control channel packet to the server.
-
-Thanks to Dragana Damjanovic for reporting the issue.
-
-This bug has been assigned CVE-2014-8104.
-
-Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
-Acked-by: Gert Doering <gert@greenie.muc.de>
-Message-Id: <1CED409804E2164C8104F9E623B08B9018803B0FE7@FOXDFT02.FOX.local>
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
----
- src/openvpn/ssl.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-Index: openvpn/src/openvpn/ssl.c
-===================================================================
---- openvpn.orig/src/openvpn/ssl.c	2014-12-01 16:09:43.031080162 +0100
-+++ openvpn/src/openvpn/ssl.c	2014-12-01 16:09:43.027080161 +0100
-@@ -2028,7 +2028,11 @@
-   ASSERT (session->opt->key_method == 2);
- 
-   /* discard leading uint32 */
--  ASSERT (buf_advance (buf, 4));
-+  if (!buf_advance (buf, 4)) {
-+    msg (D_TLS_ERRORS, "TLS ERROR: Plaintext buffer too short (%d bytes).",
-+	buf->len);
-+    goto error;
-+  }
- 
-   /* get key method */
-   key_method_flags = buf_read_u8 (buf);