The issue is apparently this commit (someone did a git bisect):

reliablereason • today at 9:52 AM • 0 replies • view on HN

https://github.com/RsyncProject/rsync/commit/859d44fa4f14207...

Which is a fix to the security issue CVE-2026-29518: https://nvd.nist.gov/vuln/detail/CVE-2026-29518

A CVE reported by VulnCheck which is a company that uses AI to find software vulnerabilitys.

I would honestly blame this on bad test coverage.

If you look at most of the commits where Claude is "co-author" you see that 80% of are just adding new tests. Which is exactly what would be needed if low test coverage was the issue.

I have done the exact same thing long before AI was a thing. You are rushed to "FIX" some security issue that someone reported. It is a scenario where you are working in code that you did not write or you wrote it so long ago that you cant remember. You try your best to just fix the security issue but you perturb something else while doing it.

alt Hacker News