{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":46134608,"defaultBranch":"master","name":"tang","ownerLogin":"latchset","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2015-11-13T16:47:53.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/17146082?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1707907889.0","currentOid":""},"activityList":{"items":[{"before":"fbf121819b765f0012a6cdebbdd2cf0bc6c272e2","after":"02105756ee2a3afbd7065a47664d202788c9b584","ref":"refs/heads/master","pushedAt":"2024-02-14T10:50:42.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Release tang version 15 (#144)\n\nResolves: #143\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Release tang version 15 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2133979109\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/144\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/144/hovercard\" href=\"https://github.com/latchset/tang/pull/144\">#144</a>)"}},{"before":"8a52be8917ec4b5ed6e3246992a369b4dfb4ad86","after":null,"ref":"refs/heads/202402141114-codecov-node20","pushedAt":"2024-02-14T10:49:47.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"}},{"before":"0129158b9c0fcef049fb7098885ef08a062127a9","after":"8a52be8917ec4b5ed6e3246992a369b4dfb4ad86","ref":"refs/heads/202402141114-codecov-node20","pushedAt":"2024-02-14T10:28:12.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Upgrade codecov-action (v3->v4) to use Node20\n\nResolves: #141\n\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Upgrade codecov-action (v3-&gt;v4) to use Node20"}},{"before":"64931a8484c39fe2f74198e7ab4accdaa39a6c97","after":"0129158b9c0fcef049fb7098885ef08a062127a9","ref":"refs/heads/202402141114-codecov-node20","pushedAt":"2024-02-14T10:27:21.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Upgrade codecov-action (v3->v4) to use Node20\n\nResolves: #141\n\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Upgrade codecov-action (v3-&gt;v4) to use Node20"}},{"before":null,"after":"64931a8484c39fe2f74198e7ab4accdaa39a6c97","ref":"refs/heads/202402141114-codecov-node20","pushedAt":"2024-02-14T10:16:21.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Upgrade codecov-action (v3->v4) to use Node20\n\nResolves: #141\n\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Upgrade codecov-action (v3-&gt;v4) to use Node20"}},{"before":"819970cf37f3b775d42a7ec3a233dc5f8df66497","after":"fbf121819b765f0012a6cdebbdd2cf0bc6c272e2","ref":"refs/heads/master","pushedAt":"2024-02-14T09:40:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Upgrade checkout Github action (v3->v4) (#142)\n\nResolves: #141\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Upgrade checkout Github action (v3-&gt;v4) (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2133888249\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/142\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/142/hovercard\" href=\"https://github.com/latchset/tang/pull/142\">#142</a>)"}},{"before":"4b7656b0d88917cc52ed5fd2c703db84fbbc746d","after":"819970cf37f3b775d42a7ec3a233dc5f8df66497","ref":"refs/heads/master","pushedAt":"2024-02-12T13:35:51.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"Fix issue introduced in http-parser -> llhttp conversion\n\nhttp_parser_execute() returns the number of parsed bytes, while\nllhttp_execute() returns an error code.\n\nSigned-off-by: Sergio Correia <scorreia@redhat.com>","shortMessageHtmlLink":"Fix issue introduced in http-parser -&gt; llhttp conversion"}},{"before":"05ac375a2cac6606d75c9261a9b951e0599334b2","after":"4b7656b0d88917cc52ed5fd2c703db84fbbc746d","ref":"refs/heads/master","pushedAt":"2024-02-12T12:56:11.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Include parameter to indicate endpoint (#117)\n\nThis change allows specifying -e option, so that\r\nendpoint parameter is used. This parameter gives\r\nthe possibility to change URL where Tang listens,\r\nso that endpoint provided is prepended between\r\nhost port information and advertisement/recovery\r\nsuffix (rec/adv).\r\nWithout endpoint, advertisement URL is:\r\nhttp://localhost:port/adv\r\nMeanwhile, if using endpoint (-e this/is/endpoint),\r\nadvertisement URL is:\r\nhttp://localhost:port/this/is/endpoint/adv\r\nFor more information, check man page\r\n\r\nResolves: #116\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Include parameter to indicate endpoint (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1715518470\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/117\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/117/hovercard\" href=\"https://github.com/latchset/tang/pull/117\">#117</a>)"}},{"before":"7678db5916775a0794f0f540d4deeda375199b06","after":"05ac375a2cac6606d75c9261a9b951e0599334b2","ref":"refs/heads/master","pushedAt":"2024-02-05T16:11:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Build tweaks (#138)\n\n* Add asciidoc to dependencies so man page building is tested on all builds","shortMessageHtmlLink":"Build tweaks (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2077747037\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/138\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/138/hovercard\" href=\"https://github.com/latchset/tang/pull/138\">#138</a>)"}},{"before":"df3cc460895dac1fdc090ea6fb09d6bb96ca6f0f","after":"7678db5916775a0794f0f540d4deeda375199b06","ref":"refs/heads/master","pushedAt":"2024-01-15T10:36:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Fix minor orthographic issue (#139)\n\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Fix minor orthographic issue (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2081694504\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/139\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/139/hovercard\" href=\"https://github.com/latchset/tang/pull/139\">#139</a>)"}},{"before":"761423dd9ecf4538618b072912a17992613c541b","after":"df3cc460895dac1fdc090ea6fb09d6bb96ca6f0f","ref":"refs/heads/master","pushedAt":"2024-01-15T09:35:01.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Readme updates (#137)\n\n* Update README.md\r\n\r\nUpdate README.md to account for recent llhttp build changes and the availability of packaged versions for FreeBSD.\r\nNoted that either http_parser or llhttp are required.  Removed systemd from the required list, since strictly speaking it's not required for stand-alone operation.","shortMessageHtmlLink":"Readme updates (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2077643816\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/137\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/137/hovercard\" href=\"https://github.com/latchset/tang/pull/137\">#137</a>)"}},{"before":"caaf432297f9baf5b07aa35e28cb9a2064f8be56","after":"761423dd9ecf4538618b072912a17992613c541b","ref":"refs/heads/master","pushedAt":"2024-01-11T17:01:32.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"Add support for building with llhttp instead of http-parser\n\nAs http-parser has been unmaintained for a while [1], let's add\nsupport for its natural replacement, llhttp.\n\nHowever, as llhttp does not seem to be packaged in distros like\nDebian [2], we will keep supporting building with http-parser for\ntime being, preferring llhttp, if it is present.\n\n[1] https://github.com/nodejs/http-parser/issues/522\n[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977716","shortMessageHtmlLink":"Add support for building with llhttp instead of http-parser"}},{"before":"c39b6dd44a194b7304958ee151055d26a09a4363","after":"caaf432297f9baf5b07aa35e28cb9a2064f8be56","ref":"refs/heads/master","pushedAt":"2024-01-11T16:21:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Avoid execution of build actions for doc files (#129)\n\nResolves: #122\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Avoid execution of build actions for doc files (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1789051132\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/129\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/129/hovercard\" href=\"https://github.com/latchset/tang/pull/129\">#129</a>)"}},{"before":"9e4f9a6f83ecf1ca187285c373c597ccee24ad32","after":"c39b6dd44a194b7304958ee151055d26a09a4363","ref":"refs/heads/master","pushedAt":"2024-01-11T16:06:29.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Avoid usage of unused variable (#128)\n\nResolves: #127\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Avoid usage of unused variable (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1780742459\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/128\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/128/hovercard\" href=\"https://github.com/latchset/tang/pull/128\">#128</a>)"}},{"before":"a5ed6b021e124ae9ecc0de0674defd3640417a1b","after":"9e4f9a6f83ecf1ca187285c373c597ccee24ad32","ref":"refs/heads/master","pushedAt":"2024-01-10T09:47:53.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"misc: update coverage action to codecov-action/v3","shortMessageHtmlLink":"misc: update coverage action to codecov-action/v3"}},{"before":"100265e32f56e33c8120fca83de419155ac8db5e","after":"a5ed6b021e124ae9ecc0de0674defd3640417a1b","ref":"refs/heads/master","pushedAt":"2024-01-08T10:58:45.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Increase test timeouts (#131)\n\nResolves: #130\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Increase test timeouts (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1798341884\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/131\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/131/hovercard\" href=\"https://github.com/latchset/tang/pull/131\">#131</a>)"}},{"before":"8dbbed10870378f1b2c3cf3df2ea7edca7617096","after":"100265e32f56e33c8120fca83de419155ac8db5e","ref":"refs/heads/master","pushedAt":"2023-06-14T14:24:54.298Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Release tang v14 version (#125)\n\nResolves: #124\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Release tang v14 version (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1757022911\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/125\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/125/hovercard\" href=\"https://github.com/latchset/tang/pull/125\">#125</a>)"}},{"before":"d5f1cc5f62a47766737caacaefde2a148dce92b0","after":"8dbbed10870378f1b2c3cf3df2ea7edca7617096","ref":"refs/heads/master","pushedAt":"2023-06-14T13:53:20.898Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"Fix race condition when creating/rotating keys (#123)\n\nWhen we create/rotate keys using either the tangd-keygen and\r\ntangd-rotate-keys helpers, there is a small window between the\r\nkeys being created and then the proper ownership permissions being\r\nset. This also happens when there are no keys and tang creates a\r\npair of keys itself.\r\n\r\nIn certain situations, such as the keys directory having wide open\r\npermissions, a user with local access could exploit this race\r\ncondition and read the keys before they are set to more restrictive\r\npermissions.\r\n\r\nTo prevent this issue, we now set the default umask to 0337 before\r\ncreating the files, so that they are already created with restrictive\r\npermissions; afterwards, we set the proper ownership as usual.\r\n\r\nIssue reported by Brian McDermott of CENSUS labs.\r\n\r\nFixes CVE-2023-1672\r\n\r\n\r\nReviewed-by: Sergio Arroutbi <sarroutb@redhat.com>\r\nSigned-off-by: Sergio Correia <scorreia@redhat.com>","shortMessageHtmlLink":"Fix race condition when creating/rotating keys (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1756964304\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/123\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/123/hovercard\" href=\"https://github.com/latchset/tang/pull/123\">#123</a>)"}},{"before":"0867603dc8b01945de3e300e48db86d78cb2575d","after":"d5f1cc5f62a47766737caacaefde2a148dce92b0","ref":"refs/heads/master","pushedAt":"2023-06-07T09:53:08.368Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Use quay.io version of Fedora Rawhide container (#120)\n\nResolves: #118\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Use quay.io version of Fedora Rawhide container (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1745195264\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/120\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/120/hovercard\" href=\"https://github.com/latchset/tang/pull/120\">#120</a>)"}},{"before":"ea541694b82e0b6087c5605cedf31a4a8f29a5f0","after":"0867603dc8b01945de3e300e48db86d78cb2575d","ref":"refs/heads/master","pushedAt":"2023-05-08T11:05:35.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"Update CI (#115)\n\n* Update build.yml\r\n\r\nAdd Ubuntu versions and most importantly update actions/checkout to v3 in advance of NodeJS deprecation.\r\n\r\n* Update coverage.yml\r\n\r\nUpdate actions/checkout to v3 in advance of NodeJS deprecation.\r\n\r\n* Update build.yml","shortMessageHtmlLink":"Update CI (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1699317371\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/115\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/115/hovercard\" href=\"https://github.com/latchset/tang/pull/115\">#115</a>)"}},{"before":"1fcfdb6c78ba7d443e7c10da91be5a09f4f62810","after":"ea541694b82e0b6087c5605cedf31a4a8f29a5f0","ref":"refs/heads/master","pushedAt":"2023-05-05T13:17:07.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Release new tang version (v13) (#113)\n\nResolves: #112\r\n\r\nProposed changelog:\r\nAdd v2 version for codecov action (#1fcfdb6)\r\nsocket: fix possible buffer overflow in listen_port() (#9b9d149)\r\nsocket: free socket list before exiting (#5631569)\r\ntests: make sure on_exit handler completes (#0cacc91)\r\ntests: fix wait_for_port() retry mechanism (#5160a4a)\r\nuse sigaction instead of signal for SIGCHLD processing (#f44f4ec)\r\ntangd.socket: Set ownership and mode of jwkdir (#ae736c9)\r\n\r\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Release new tang version (v13) (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1697540071\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/113\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/113/hovercard\" href=\"https://github.com/latchset/tang/pull/113\">#113</a>)"}},{"before":"9b9d14973aa1e5b2290595a6b53e67c2f4e0369f","after":"1fcfdb6c78ba7d443e7c10da91be5a09f4f62810","ref":"refs/heads/master","pushedAt":"2023-05-05T13:04:34.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"Add v2 version for codecov action (#114)\n\nSigned-off-by: Sergio Arroutbi <sarroutb@redhat.com>","shortMessageHtmlLink":"Add v2 version for codecov action (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1697581539\" data-permission-text=\"Title is private\" data-url=\"https://github.com/latchset/tang/issues/114\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/latchset/tang/pull/114/hovercard\" href=\"https://github.com/latchset/tang/pull/114\">#114</a>)"}},{"before":"f44f4ec54904630f0e4ebedd772b40ea8c265cde","after":"9b9d14973aa1e5b2290595a6b53e67c2f4e0369f","ref":"refs/heads/master","pushedAt":"2023-05-05T12:18:16.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"socket: fix possible buffer overflow in listen_port()\n\nAt some point in listen_port(), we memcpy() the IP address -- ai_addr\nfield (struct sockaddr), but used, as the size, the ai_addrlen field\nfrom ptr, which is struct addrinfo.\n\nThis means that, for IPv4, we had ai_addrlen being 16, while for IPv6,\nit was 28. The problem is that we copy this address to a struct\nsockaddr, which has sizeof 16.\n\nThis issue was exposed by running this under i686 with D_FORTIFY_SOURCE\nenabled, as we got a buffer overflow upon starting.\n\nThis commit changes the memcpy() call to use the correct size for the\ndestination memory area.","shortMessageHtmlLink":"socket: fix possible buffer overflow in listen_port()"}},{"before":"6313a9e6f2f44f2432a8275d67af32f02e732853","after":"f44f4ec54904630f0e4ebedd772b40ea8c265cde","ref":"refs/heads/master","pushedAt":"2023-05-05T11:23:35.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"sarroutbi","name":"Sergio Arroutbi","path":"/sarroutbi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959277?s=80&v=4"},"commit":{"message":"use sigaction instead of signal for SIGCHLD processing\n\nResolves: #109","shortMessageHtmlLink":"use sigaction instead of signal for SIGCHLD processing"}},{"before":"ae736c957f4ec922a876038261e081a19732dbc5","after":"6313a9e6f2f44f2432a8275d67af32f02e732853","ref":"refs/heads/master","pushedAt":"2023-05-05T10:58:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"use sigaction instead of signal for SIGCHLD processing","shortMessageHtmlLink":"use sigaction instead of signal for SIGCHLD processing"}},{"before":"7c0d86f5ce6a2b60bd059e87f5235b5c29e5bec9","after":"ae736c957f4ec922a876038261e081a19732dbc5","ref":"refs/heads/master","pushedAt":"2023-05-05T10:58:11.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"sergio-correia","name":"Sergio Correia","path":"/sergio-correia","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40298165?s=80&v=4"},"commit":{"message":"tangd.socket: Set ownership and mode of jwkdir\n\nOn OSTree-enabled systems (such as Fedora CoreOS), every update\nrecreates the passwd and group files, which means that the\ndynamically-assigned ID and GID of the tang daemon may change,\ndepending on the order of createuser calls. This patch ensures\nthat starting the socket unit will fix any ownership issues in\nthe jwkdir.\n\nThis is essentially moving the Fedora %post script[1] out of RPM\nand into the systemd unit instead.\n\n[1] https://src.fedoraproject.org/rpms/tang/blob/ba7119863624a55ac4bf79e19acd2a26350896e0/f/tang.spec#_68\n\nSigned-off-by: Stephen Gallagher <sgallagh@redhat.com>","shortMessageHtmlLink":"tangd.socket: Set ownership and mode of jwkdir"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAD-m4dIQA","startCursor":null,"endCursor":null}},"title":"Activity · latchset/tang"}