Oculytic <[email protected]> writes: > I've attached a full writeup with root cause analysis, affected code > locations. > > I'd like to propose a 30-day disclosure window from today's date. I'm happy > to work with you on a fix - the writeup includes suggested remediation > approaches (replacing signal/longjmp with a flag-based or self-pipe > approach). > > I also plan to request a CVE ID from MITRE and coordinate with the distros > list once a patch is ready. Please let me know if you'd prefer a different > timeline or process. > > Please confirm receipt when you can.
This is a public list [1]. Given that the attached writeup looks like it was copy pasted from an LLM, I would appreciate if you could send reproduction steps before I rush to look at it. Collin [1] https://lists.gnu.org/archive/html/bug-inetutils/2026-04/msg00000.html
