- sinl() stack corruption from crafted input [BZ 25487] (CVE-2020-10029) - Fix use-after-free in glob when expanding ~user [BZ 25414]