{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":57972154,"defaultBranch":"main","name":"sudo","ownerLogin":"sudo-project","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2016-05-03T13:41:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/54603466?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1703958765.0","currentOid":""},"activityList":{"items":[{"before":"720a1450e78e8892a8f7efd4c37eab9bd9206537","after":"f2a979f4086854e454499e3b00ab8324792f95d0","ref":"refs/heads/main","pushedAt":"2024-05-06T21:29:39.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"apply_cmndspec: plug potential memory leak\n\nIf apply_cmndspec() is called where the cmndspec defines an apparmor\nprofile or Solaris privileges, and then is called again with a\ncmndspec that does not have those set we would leak the original\nvalue.","shortMessageHtmlLink":"apply_cmndspec: plug potential memory leak"}},{"before":"718df95e11731e96b77a860f2d079cc82a18b057","after":"720a1450e78e8892a8f7efd4c37eab9bd9206537","ref":"refs/heads/main","pushedAt":"2024-05-03T14:32:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Sync fuzz_sudoers dictionary with def_data.in.","shortMessageHtmlLink":"Sync fuzz_sudoers dictionary with def_data.in."}},{"before":"07d6aa247c50f4baf2f01cf5985c0a3af5c11bf0","after":"718df95e11731e96b77a860f2d079cc82a18b057","ref":"refs/heads/main","pushedAt":"2024-05-03T14:17:25.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"apply_cmndspec: plug apparmor_profile leak\n\nAlso override existing Solaris privs if specified.","shortMessageHtmlLink":"apply_cmndspec: plug apparmor_profile leak"}},{"before":"89918caf5a349cac4e2a56ba503d7476c6f16067","after":"07d6aa247c50f4baf2f01cf5985c0a3af5c11bf0","ref":"refs/heads/main","pushedAt":"2024-05-03T13:37:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"free_cmndspec: plug apparmor_profile leak","shortMessageHtmlLink":"free_cmndspec: plug apparmor_profile leak"}},{"before":"2e6c90cdef46bd2f8289bd14125f3f868dab4518","after":"89918caf5a349cac4e2a56ba503d7476c6f16067","ref":"refs/heads/main","pushedAt":"2024-05-03T02:05:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Python 3.12 backtraces use '~' in addition to '^' when underlining.\nGitHub issue #374","shortMessageHtmlLink":"Python 3.12 backtraces use '~' in addition to '^' when underlining."}},{"before":"389c8550c91da0715c86972306f2015b2f000056","after":"2e6c90cdef46bd2f8289bd14125f3f868dab4518","ref":"refs/heads/main","pushedAt":"2024-05-02T01:17:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Add test for parsing SELinux, AppArmor and Solaris privileges.","shortMessageHtmlLink":"Add test for parsing SELinux, AppArmor and Solaris privileges."}},{"before":"ef52db46f9b375d7ffd2e8893f1ef65f5b0fc014","after":"389c8550c91da0715c86972306f2015b2f000056","ref":"refs/heads/main","pushedAt":"2024-05-01T16:12:10.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Unifdef parser support for SELinux, AppArmor and Solaris privileges.","shortMessageHtmlLink":"Unifdef parser support for SELinux, AppArmor and Solaris privileges."}},{"before":"27963e39f3a24e5f30164ad082054c77715b511d","after":"ef52db46f9b375d7ffd2e8893f1ef65f5b0fc014","ref":"refs/heads/main","pushedAt":"2024-04-30T16:26:53.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Quiet compiler warning on Solaris 10","shortMessageHtmlLink":"Quiet compiler warning on Solaris 10"}},{"before":"a2d01a957d31e133c37d77ae149527f9483e4f19","after":"27963e39f3a24e5f30164ad082054c77715b511d","ref":"refs/heads/main","pushedAt":"2024-04-29T15:23:56.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Pass \"make spell\" with updated codespell.","shortMessageHtmlLink":"Pass \"make spell\" with updated codespell."}},{"before":"e770c857f453f816c09f2433660696891e4ee9b0","after":"a2d01a957d31e133c37d77ae149527f9483e4f19","ref":"refs/heads/main","pushedAt":"2024-04-28T19:49:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Avoid using ioctl(TIOCNOTTY) in the monitor.\n\nWe don't need to revoke the terminal in the monitor, just signal\nthe foreground process group.  This is more portable and has the\nsame effect as ioctl(TIOCNOTTY) would on Linux.  Since we now signal\nthe command from the monitor, there is no reason to forward SIGHUP\nfrom the kernel.  GitHub issue #367.","shortMessageHtmlLink":"Avoid using ioctl(TIOCNOTTY) in the monitor."}},{"before":"41978a56e042977923c1a55191b887218c536145","after":"e770c857f453f816c09f2433660696891e4ee9b0","ref":"refs/heads/main","pushedAt":"2024-04-28T14:16:30.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Fix copy and paste error in the fix for GitHub issue #369\nFixes GitHub issue #371","shortMessageHtmlLink":"Fix copy and paste error in the fix for GitHub issue <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2252455011\" data-permission-text=\"Title is private\" data-url=\"https://github.com/sudo-project/sudo/issues/369\" data-hovercard-type=\"issue\" data-hovercard-url=\"/sudo-project/sudo/issues/369/hovercard\" href=\"https://github.com/sudo-project/sudo/issues/369\">#369</a>"}},{"before":"37f8a8453160876189b17507222db1fc2bf0fc03","after":"41978a56e042977923c1a55191b887218c536145","ref":"refs/heads/main","pushedAt":"2024-04-28T01:04:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"If user's tty goes away, tell monitor to revoke the tty in its session.\n\nPreviously, we would simply close the pty leader in the main sudo\nprocess.  This had the effect of revoking the pty, but the foreground\nprocess would not necessarily receive SIGHUP.  By using TIOCNOTTY\nin the monitor, the running command has a better chance of getting\nSIGHUP.  Once the monitor has revoked the pty, the main sudo process\nwill close the pty leader, invalidating the pty.  GitHub issue #367.","shortMessageHtmlLink":"If user's tty goes away, tell monitor to revoke the tty in its session."}},{"before":"c42922069395697b9c305bc23dfb9bcd0f74145f","after":"37f8a8453160876189b17507222db1fc2bf0fc03","ref":"refs/heads/main","pushedAt":"2024-04-26T13:40:00.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Commands with multiple digests of the same type are stored in an array.","shortMessageHtmlLink":"Commands with multiple digests of the same type are stored in an array."}},{"before":"78699a8f7abc6682fa8de9100671e756ed1b5b11","after":"c42922069395697b9c305bc23dfb9bcd0f74145f","ref":"refs/heads/main","pushedAt":"2024-04-25T15:29:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Store mulitple command digests of the same type as an array.\n\nOtherwise, we end up with duplicated keys in the object.\nGitHub issue #370","shortMessageHtmlLink":"Store mulitple command digests of the same type as an array."}},{"before":"8666c66ff182d26c1e4060ebaf72ae82def4f0ac","after":"78699a8f7abc6682fa8de9100671e756ed1b5b11","ref":"refs/heads/main","pushedAt":"2024-04-22T14:18:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Call gettext() on insults when displayed, not when declared.","shortMessageHtmlLink":"Call gettext() on insults when displayed, not when declared."}},{"before":"26ce75110f5b5f7120b561aa136e65639261d407","after":"8666c66ff182d26c1e4060ebaf72ae82def4f0ac","ref":"refs/heads/main","pushedAt":"2024-04-22T13:46:33.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Make insults translatable","shortMessageHtmlLink":"Make insults translatable"}},{"before":"ecdf0c80f36e971f3090c495377b03a11931816c","after":"26ce75110f5b5f7120b561aa136e65639261d407","ref":"refs/heads/main","pushedAt":"2024-04-19T14:23:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"When converting CWD and CHROOT tags, store them as objects.\nFixes GitHub issue #369","shortMessageHtmlLink":"When converting CWD and CHROOT tags, store them as objects."}},{"before":"f0823c70c6c220322cae3a7dae9500df252f990c","after":"ecdf0c80f36e971f3090c495377b03a11931816c","ref":"refs/heads/main","pushedAt":"2024-04-18T01:34:30.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Add pam_silent sudoers option.\nInspired by PR #368\nGitHub issue #216","shortMessageHtmlLink":"Add pam_silent sudoers option."}},{"before":"b6175b78ad1c4c9535cad48cb76addf53352a28f","after":"f0823c70c6c220322cae3a7dae9500df252f990c","ref":"refs/heads/main","pushedAt":"2024-03-18T15:18:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Remove offensive insults that were disabled by default anyway.\nBug #1058","shortMessageHtmlLink":"Remove offensive insults that were disabled by default anyway."}},{"before":"1debad3becbe4c7f8fdd5feb64d5f7fb2fe1bcbd","after":"b6175b78ad1c4c9535cad48cb76addf53352a28f","ref":"refs/heads/main","pushedAt":"2024-03-09T18:45:46.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_PRETTY","shortMessageHtmlLink":"Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_…"}},{"before":"602a58e86a3562472499e339d40bed83e76109dc","after":"1debad3becbe4c7f8fdd5feb64d5f7fb2fe1bcbd","ref":"refs/heads/main","pushedAt":"2024-03-08T23:47:48.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Add json_compact log type for compact/minified JSON.\n\nThe \"json_compact\" log type logs one event per line in compact/minified\nJSON format.  GitHub issue #357.","shortMessageHtmlLink":"Add json_compact log type for compact/minified JSON."}},{"before":"836d2b556b4689552ff27f9ee62a7ce27fec5238","after":"602a58e86a3562472499e339d40bed83e76109dc","ref":"refs/heads/main","pushedAt":"2024-03-08T16:19:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Set SUDO_HOME to the invoking user's home directory.\nGitHub issue #358","shortMessageHtmlLink":"Set SUDO_HOME to the invoking user's home directory."}},{"before":"72cee2fa2596a932f731813d8b1f15ded2813dec","after":"836d2b556b4689552ff27f9ee62a7ce27fec5238","ref":"refs/heads/main","pushedAt":"2024-03-02T13:44:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"sudo-logsrvd.pp: Remove syslog.target (non-existent upstream since 11~ years ago)\n\nRemove syslog.target from service file, this target hasn't existed for over a decade.\r\n\r\nhttps://github.com/systemd/systemd/blob/6aa8d43ade72e24c9426e604f7fc4b7582b9db7c/NEWS#L72-L73","shortMessageHtmlLink":"sudo-logsrvd.pp: Remove syslog.target (non-existent upstream since 11…"}},{"before":"f66ebfa0f3b4f6bae3424d637835d3caaa220430","after":"72cee2fa2596a932f731813d8b1f15ded2813dec","ref":"refs/heads/main","pushedAt":"2024-02-29T19:45:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Explicitly link check_symbols with zlib.\n\nFixes a test failure on some systems when using sudo's built-in zlib.","shortMessageHtmlLink":"Explicitly link check_symbols with zlib."}},{"before":"81acb2bd7b795a43b5aa3f29a46286565a6d1d35","after":"f66ebfa0f3b4f6bae3424d637835d3caaa220430","ref":"refs/heads/main","pushedAt":"2024-02-22T18:12:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"m4/openssl.m4: fix cross-compilation with wolfssl\n\nDo not append -I/usr/include/wolfssl when cross-compiling\n\nSigned-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>","shortMessageHtmlLink":"m4/openssl.m4: fix cross-compilation with wolfssl"}},{"before":"6ec958f27ebb87019bb2121e40cab401aa81dc09","after":"81acb2bd7b795a43b5aa3f29a46286565a6d1d35","ref":"refs/heads/main","pushedAt":"2024-02-21T21:25:40.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Regenerate dependencies","shortMessageHtmlLink":"Regenerate dependencies"}},{"before":"f3ebf31aa9d969ec9b14bebf04ea1c8a8bff6a67","after":"6ec958f27ebb87019bb2121e40cab401aa81dc09","ref":"refs/heads/main","pushedAt":"2024-02-18T14:17:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"lib/utils: detect failure to generate signals list and names\n\nCurrently, we generate the signal list and names by running cpp on our\nheader, and piping the result into sed.\n\nHowever, when cpp fails [0], we do not catch that failure, as the error\ncode of the LHS of a pipe is lost, with the pipe returning the RHS-most\nreturn code.\n\nFix that by introducing two new intermediate rules, each to generate the\npreprocessed .i files, and use those as dependencies and input to the\nrule that generates the headers. Those two .i files will be cleaned up\nby the existing *.i glob.\n\n[0] a failure happens on recent hosts, due to inconsistency with\ntime64_t and large-file support (lines elided and wrapped for\nreadability):\n\n    /usr/bin/cpp [...] ./sys_signame.h \\\n    | /usr/bin/sed -e '1,/^int sudo_end_of_headers;/d' -e '/^#/d' > mksigname.h\n    In file included from /usr/include/features.h:394,\n                     from /usr/include/sys/types.h:25,\n                     from ./sys_signame.h:4:\n    /usr/include/features-time64.h:26:5: error: #error \"_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64\"\n       26 | #   error \"_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64\"\n          |     ^~~~~\n    /usr/bin/gcc [...] ./mksigname.c -o mksigname\n    In file included from /usr/include/features.h:394,\n                     from /usr/include/bits/libc-header-start.h:33,\n                     from /usr/include/stdlib.h:26,\n                     from ./mksigname.c:27:\n    /usr/include/features-time64.h:26:5: error: #error \"_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64\"\n       26 | #   error \"_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64\"\n          |     ^~~~~\n    make[2]: *** [Makefile:263: mksigname] Error 1\n\nIn that case, we were lucky that the subsequent gcc call also failed,\nand for the same reason. That time64_t and lfs issue should be fixed (at\nleast investigated), but that does not mean we should not be more robust\nwhen parsing the header either.\n\nSigned-off-by: Yann E. MORIN <yann.morin.1998@free.fr>","shortMessageHtmlLink":"lib/utils: detect failure to generate signals list and names"}},{"before":"5bbfaa8e68b5ee6f27d4fbfa3c4e789341724f9c","after":"f3ebf31aa9d969ec9b14bebf04ea1c8a8bff6a67","ref":"refs/heads/main","pushedAt":"2024-02-18T14:16:24.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Regen with autoconf 2.72","shortMessageHtmlLink":"Regen with autoconf 2.72"}},{"before":"f69031da245c3c56b7f9d9eca50e12d3f283e0b3","after":"5bbfaa8e68b5ee6f27d4fbfa3c4e789341724f9c","ref":"refs/heads/main","pushedAt":"2024-02-17T18:28:46.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"src/exec_ptrace: fix build without precess_vm_readv()\n\nCommit 32f4b98f6b4a (sudo frontend: silence most -Wconversion warnings.)\nbroke the build on C libraries that miss process_vm_readv(), like\nuClibc-ng.\n\nIndeed, the ssize_t nwritten is declared guarded by HAVE_PROCESS_VM_READV,\nbut is then re-assigned and used a few lines below, outside any guard.\n\nFix that by always declaring the object, as it is always needed.\n\nSigned-off-by: Yann E. MORIN <yann.morin.1998@free.fr>","shortMessageHtmlLink":"src/exec_ptrace: fix build without precess_vm_readv()"}},{"before":"eb4506f434a2b8060b2d398879c26e1f9c56f488","after":"f69031da245c3c56b7f9d9eca50e12d3f283e0b3","ref":"refs/heads/main","pushedAt":"2024-01-31T17:10:10.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"millert","name":"Todd C. Miller","path":"/millert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/348203?s=80&v=4"},"commit":{"message":"Quest no longer sponsors sudo development.","shortMessageHtmlLink":"Quest no longer sponsors sudo development."}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEQvUMywA","startCursor":null,"endCursor":null}},"title":"Activity · sudo-project/sudo"}