diff -u cron-3.0pl1/debian/changelog cron-3.0pl1/debian/changelog
--- cron-3.0pl1/debian/changelog
+++ cron-3.0pl1/debian/changelog
@@ -1,3 +1,11 @@
+cron (3.0pl1-128.1ubuntu1.2) bionic-security; urgency=medium
+
+ * SECURITY REGRESSION: CVE-2017-9525 regression (LP: #1971895)
+ - debian/postinst: add tab_name emptiness check
+ - https://salsa.debian.org/debian/cron/-/commit/23047851
+
+ -- Rodrigo Figueiredo Zaiden Tue, 10 May 2022 17:59:19 -0300
+
 cron (3.0pl1-128.1ubuntu1.1) bionic-security; urgency=medium

 * SECURITY UPDATE: privilege escalation in postinst script
diff -u cron-3.0pl1/debian/postinst cron-3.0pl1/debian/postinst
--- cron-3.0pl1/debian/postinst
+++ cron-3.0pl1/debian/postinst
@@ -65,6 +65,7 @@
 # checks (see CVE-2017-9525), and chown/chgroup the crontabs
 for tab_name in *
 do
+ [ "$tab_name" = "*" ] && continue
 tab_type=`stat -c '%F' "$tab_name"`
 tab_links=`stat -c '%h' "$tab_name"`
 tab_owner=`stat -c '%U' "$tab_name"`
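Review bot: The added guard `[ "$tab_name" = "*" ] && continue` in debian/postinst detects an unmatched glob by comparing against the literal string `*`, so a real entry named `*` in the crontabs directory is also skipped and never reaches the type, link-count and owner checks or the chown that follow. Testing for existence states the intent directly and keeps such an entry inside the CVE-2017-9525 checks: `[ -e "$tab_name" ] || [ -L "$tab_name" ] || continue`. The `-L` arm is there so a dangling symlink is still inspected by the `stat -c '%F'` check rather than dropped. A short comment such as `# unmatched glob: crontabs directory is empty` would also explain why the line exists. The loop body continues past the end of the hunk, so how the later checks treat such an entry is not visible here.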