diff -ru cronie-1.5.2/src/cronnext.c cronie-1.5.2_patched/src/cronnext.c
--- cronie-1.5.2/src/cronnext.c	2018-05-03 18:41:12.000000000 +0200
+++ cronie-1.5.2_patched/src/cronnext.c	2018-09-07 15:17:54.555924440 +0200
@@ -71,13 +71,13 @@
 /*
  * print entry flags
  */
-char *flagname[]= {
-	[MIN_STAR] =	"MIN_STAR",
-	[HR_STAR] =	"HR_STAR",
-	[DOM_STAR] =	"DOM_STAR",
-	[DOW_STAR] =	"DOW_STAR",
-	[WHEN_REBOOT] =	"WHEN_REBOOT",
-	[DONT_LOG] =	"DONT_LOG"
+const char *flagname[]= {
+	"MIN_STAR",
+	"HR_STAR",
+	"DOM_STAR",
+	"DOW_STAR",
+	"WHEN_REBOOT",
+	"DONT_LOG"
 };
 
 void printflags(char *indent, int flags) {
@@ -85,8 +85,8 @@
 	int first = 1;
 
 	printf("%s    flagnames:", indent);
-	for (f = 1; f < sizeof(flagname);  f = f << 1)
-		if (flags & f) {
+	for (f = 0; f < sizeof(flagname)/sizeof(char *);  f++)
+		if (flags & (int)1 << f) {
 			printf("%s%s", first ? " " : "|", flagname[f]);
 			first = 0;
 		}
diff -ru cronie-1.5.2/src/do_command.c cronie-1.5.2_patched/src/do_command.c
--- cronie-1.5.2/src/do_command.c	2017-09-14 13:53:21.000000000 +0200
+++ cronie-1.5.2_patched/src/do_command.c	2018-09-07 15:17:54.555924440 +0200
@@ -418,7 +418,7 @@
 			if (mailto && safe_p(usernm, mailto)
 				&& strncmp(MailCmd,"off",3) && !SyslogOutput) {
 				char **env;
-				char mailcmd[MAX_COMMAND];
+				char mailcmd[MAX_COMMAND+1]; /* +1 for terminator */
 				char hostname[MAXHOSTNAMELEN];
 				char *content_type = env_get("CONTENT_TYPE", jobenv),
 					*content_transfer_encoding =
@@ -434,7 +434,7 @@
 					}
 				}
 				else {
-					strncpy(mailcmd, MailCmd, MAX_COMMAND);
+					strncpy(mailcmd, MailCmd, MAX_COMMAND+1);
 				}
 				if (!(mail = cron_popen(mailcmd, "w", e->pwd, jobenv))) {
 					perror(mailcmd);
diff -ru cronie-1.5.2/src/env.c cronie-1.5.2_patched/src/env.c
--- cronie-1.5.2/src/env.c	2017-09-14 13:53:21.000000000 +0200
+++ cronie-1.5.2_patched/src/env.c	2018-09-07 15:17:54.554924435 +0200
@@ -63,7 +63,7 @@
 		for (i = 0; i < count; i++)
 			if ((p[i] = strdup(envp[i])) == NULL) {
 				save_errno = errno;
-				while (--i >= 0)
+				while (i-- > 0)
 					free(p[i]);
 				free(p);
 				errno = save_errno;
@@ -263,7 +263,9 @@
 	}
 	if (state != FINI && state != EQ2 && !(state == VALUE && !quotechar)) {
 		Debug(DPARS, ("load_env, not an env var, state = %d\n", state));
-			fseek(f, filepos, 0);
+			if (fseek(f, filepos, 0)) {
+                return ERR;
+           }
 		Set_LineNum(fileline);
 		return (FALSE);
 	}
diff -ru cronie-1.5.2/src/globals.h cronie-1.5.2_patched/src/globals.h
--- cronie-1.5.2/src/globals.h	2017-01-17 16:53:50.000000000 +0100
+++ cronie-1.5.2_patched/src/globals.h	2018-09-07 15:17:54.555924440 +0200
@@ -77,7 +77,7 @@
 XTRN time_t	StartTime;
 XTRN int	NoFork;
 XTRN int        PermitAnyCrontab;
-XTRN char       MailCmd[MAX_COMMAND];
+XTRN char       MailCmd[MAX_COMMAND+1]; /* +1 for terminator */
 XTRN char       cron_default_mail_charset[MAX_ENVSTR];
 XTRN int        EnableClustering;
 XTRN int	ChangePath;
diff -ru cronie-1.5.2/src/security.c cronie-1.5.2_patched/src/security.c
--- cronie-1.5.2/src/security.c	2017-09-14 13:29:47.000000000 +0200
+++ cronie-1.5.2_patched/src/security.c	2018-09-07 15:17:54.554924435 +0200
@@ -417,7 +417,7 @@
 		}
 	}
 
-	if (strcmp(u->scontext, ucontext)) {
+	if (!ucontext || strcmp(u->scontext, ucontext)) {
 		if (!cron_authorize_range(u->scontext, ucontext)) {
 			if (security_getenforce() > 0) {
 # ifdef WITH_AUDIT
diff -ru cronie-1.5.2/src/user.c cronie-1.5.2_patched/src/user.c
--- cronie-1.5.2/src/user.c	2017-01-17 16:53:50.000000000 +0100
+++ cronie-1.5.2_patched/src/user.c	2018-09-07 15:17:54.555924440 +0200
@@ -44,6 +44,10 @@
 free_user (user * u) {
 	entry *e, *ne;
 
+	if (!u) {
+		return;
+	}
+
 	free(u->name);
 	free(u->tabname);
 	for (e = u->crontab; e != NULL; e = ne)	{