Even with automated tests you'd need to think of this exploit right? Perhaps fuzzing would have got it. The mailing lists says they proved it successful on

- OpenIndiana

- FreeBSD

- Debian GNU/Linux

So not complete YOLO.

See https://lists.gnu.org/archive/html/bug-inetutils/2015-03/msg...

FWIW, a well known LLM agent, when I asked for a review of the patch, did suggest it was dodgy but didn't pick up the severity of how dodgy it was.

▲

JCattheATM 19 hours ago | parent [-]

> a well known LLM agent

Which one?

▲

accrual 19 hours ago | parent [-]

Not GP, but my local Ministral 3 14B and GPT-OSS 20B didn't catch anything unless I gave some hints.

▲

JCattheATM 18 hours ago | parent [-]

He says 'well known' so I assume Claude or GPT, I just don't get why he's being coy.

	▲	fhub 17 hours ago \| parent [-]
		I thought by not naming it wouldn't shift the focus to the particular model, but it did the opposite. It was gpt-5.3-codex in medium mode.