
FreeBSD: VID-6e58e1e9-2636-413e-9f84-4c0e21143628 (CVE-2019-3858): libssh2 -- multiple issues

Severity: 6
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published: Apr 18, 2019
Added: Apr 19, 2019
Modified: Dec 10, 2025

Description

libssh2 developers report:

- Defend against possible integer overflows in comp_method_zlib_decomp.
- Defend against writing beyond the end of the payload in _libssh2_transport_read().
- Sanitize padding_length in _libssh2_transport_read(). This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent.
- Prevent zero-byte allocation in sftp_packet_read(), which could lead to an out-of-bounds read.
- Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads.
- Add a required_size parameter to sftp_packet_require et al. to require callers of these functions to handle packets that are too short.
- Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add().

Solutions

freebsd-upgrade-package-libssh2
freebsd-upgrade-package-linux-c6-libssh2
freebsd-upgrade-package-linux-c7-libssh2
