new | ask | show | jobs
fhub 5 hours ago  [ - ]

Even with automated tests you'd need to think of this exploit right? Perhaps fuzzing would have got it. The mailing lists says they proved it successful on

- OpenIndiana

- FreeBSD

- Debian GNU/Linux

So not complete YOLO.

See https://lists.gnu.org/archive/html/bug-inetutils/2015-03/msg...

FWIW, a well known LLM agent, when I asked for a review of the patch, did suggest it was dodgy but didn't pick up the severity of how dodgy it was.

JCattheATM 4 hours ago  [ - ]

> a well known LLM agent

Which one?

accrual 4 hours ago  [ - ]

Not GP, but my local Ministral 3 14B and GPT-OSS 20B didn't catch anything unless I gave some hints.

JCattheATM 2 hours ago  [ - ]

He says 'well known' so I assume Claude or GPT, I just don't get why he's being coy.

fhub 2 hours ago  [ - ]

I thought by not naming it wouldn't shift the focus to the particular model, but it did the opposite. It was gpt-5.3-codex in medium mode.