Github has a couple of "fun" behaviours: 1) It links the email address in a commit to a github user with that address no matter who committed it 2) If a commit is pushed to a fork, it's visible in every fork (including the original)
A critical and trivial to exploit vulnerability has been revealed in a tool called polkit (pkexec) that you likely have installed if you run Linux. The current mitigation requires manual intervention. https://t.co/LS5MlVLLJJ sudo chmod 0755 /usr/bin/pkexec
