top | item 46969224

(no title)

fhub | 19 days ago

Even with automated tests you'd need to think of this exploit right? Perhaps fuzzing would have got it. The mailing lists says they proved it successful on

- OpenIndiana

- FreeBSD

- Debian GNU/Linux

So not complete YOLO.

See https://lists.gnu.org/archive/html/bug-inetutils/2015-03/msg...

FWIW, a well known LLM agent, when I asked for a review of the patch, did suggest it was dodgy but didn't pick up the severity of how dodgy it was.

discuss

JCattheATM|19 days ago

> a well known LLM agent

Which one?

accrual|19 days ago

Not GP, but my local Ministral 3 14B and GPT-OSS 20B didn't catch anything unless I gave some hints.