CVSROOT: /cvs Module name: src Changes by: [email protected] 2019/12/07 12:23:21
Modified files:
usr.bin/su : su.c
Log message:
In -L (loop) mode, reset the login class each time through the loop.
Otherwise, it is possible to log in with another user's login class.
Fixes CVE-2019-19519. OK deraadt@ markus@
