plugins/sudoers/ins_classic.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---

examples/sudoers | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

---

src/ttyname.c | 141 60 + 81 - 0 !
1 file changed, 60 insertions(+), 81 deletions(-)

---

src/ttyname.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

---

src/ttyname.c | 39 26 + 13 - 0 !
1 file changed, 26 insertions(+), 13 deletions(-)

---

lib/util/strtoid.c | 98 52 + 46 - 0 !
1 file changed, 52 insertions(+), 46 deletions(-)

 treat an id of -1 as invalid since that means "no change".
 Fixes CVE-2019-14287.
 Found by Joe Vennix from Apple Information Security.

lib/util/regress/atofoo/atofoo_test.c | 36 27 + 9 - 0 !
plugins/sudoers/regress/testsudoers/test5.out.ok | 2 1 + 1 - 0 !
plugins/sudoers/regress/testsudoers/test5.sh | 2 1 + 1 - 0 !
3 files changed, 29 insertions(+), 11 deletions(-)

 fix test failure in plugins/sudoers/regress/testsudoers/test5.sh
 Fix test failure after fix for CVE-2019-14287 .

src/tgetpass.c | 20 12 + 8 - 0 !
1 file changed, 12 insertions(+), 8 deletions(-)

 fix a buffer overflow when pwfeedback is enabled and input is a not a
 tty. In getln() if the user enters ^U (erase line) and the write(2) fails,
 the remaining buffer size is reset but the current pointer is not. While
 here, fix an incorrect break for erase when write(2) fails. Also disable
 pwfeedback when input is not a tty as it cannot work. CVE-2019-18634 Credit:
 Joe Vennix from Apple Information Security.