From nobody Tue Dec  9 05:15:57 2025
X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dQRs24VjBz6K05X
	for <freebsd-security@mlmmj.nyi.freebsd.org>; Tue, 09 Dec 2025 05:16:06 +0000 (UTC)
	(envelope-from hello@bacula-web.org)
Received: from mail-24421.protonmail.ch (mail-24421.protonmail.ch [109.224.244.21])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "protonmail.com", Issuer "R13" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dQRs222lzz430b
	for <freebsd-security@freebsd.org>; Tue, 09 Dec 2025 05:16:06 +0000 (UTC)
	(envelope-from hello@bacula-web.org)
Authentication-Results: mx1.freebsd.org;
	none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bacula-web.org;
	s=protonmail; t=1765257363; x=1765516563;
	bh=t63Vx1LYIGBqiooFKgyHWi8fBkYrVlVY21LE0aS/18E=;
	h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
	 Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
	 Message-ID:BIMI-Selector;
	b=ljCHITk42ItZ4pJXjn2zGymQqmh7R/XY/Ixi/TpT9dZg2YKgC04pUQuBsllzR6rSK
	 DEU9UJ5f8WXKp0RzzdN1+gpdeGo78cICc5VkMdWEQmpqIBSK/1bByo04IoCMkHEs1P
	 RHZKl9zsZiU/ApV9KXWHAZfyv0sCrkFDUrbKwUBFIA9yTbdlL/wK11N7ltgJ0IsFn7
	 0wOMfaz97Dl0mBURhyS78717B9+HQ7kIxQw2B7cWQZhPzDzet5UarZ1b8bJqd0ZjXy
	 kTqBA83d9u0sfVXAxzNgtxJQzMxDSea8EwxSWhiBH5UHdE2TljGyLsqU4KZhXWItXZ
	 iR8MIBgiE4+2A==
Date: Tue, 09 Dec 2025 05:15:57 +0000
To: Polarian <polarian@polarian.dev>
From: Bacula-Web project maintainer <hello@bacula-web.org>
Cc: freebsd-security@freebsd.org
Subject: Re: Guidance on how to handle FreeBSD port vulnerability
Message-ID: <Dn9ZQCiTno3chgAUh90EUetbOP89ECT50OdyVgesB_0Rjjtsq4eIfSXtxp8mXcu3QWyRXXZmJNV_58C60nSPRR7e7TVVqcOHMPH7YW2BzOE=@bacula-web.org>
In-Reply-To: <20251208212533.48a22c85@Hydrogen>
References: <cXTG30QIfXitaGbKSlG7Uj3ytQSr9Iwe6xcuhV_WSSmTA4gYKUzb0RZV2MDm9bi7EHeImSfmx66JWr26-O1iM1w4WyMWnGOI4s8KjJqNNq8=@bacula-web.org> <11DA25E7-8840-4182-995A-B976439C2E04@FreeBSD.org> <VACCz5LMa4FMxnmNWApM_IkcUyWsyJIfaC_aV7MO8_5swa_7SFEfU9EZXclK1VBVY8c-WGov2XTt_9Z_KLMap2aj0LWFU1jjVDqdFIZ4FUE=@bacula-web.org> <20251208212533.48a22c85@Hydrogen>
Feedback-ID: 62987555:user:proton
X-Pm-Message-ID: e21edbc321adaadd24f1dec415972f565f8826ac
List-Id: Security issues <freebsd-security.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-security
List-Help: <mailto:freebsd-security+help@freebsd.org>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Subscribe: <mailto:freebsd-security+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-security+unsubscribe@freebsd.org>
X-BeenThere: freebsd-security@freebsd.org
Sender: owner-freebsd-security@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[]
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Rspamd-Queue-Id: 4dQRs222lzz430b

Hi,

> Hey,
>=20
> I assume you are referencing CVE-2025-45346?

Yes, this is exactly the CVE I had in mind.

>=20
> I checked now I still do not see a bug for this.

I've created this one -> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=
=3D291505

>=20
> Take care,
> --
> Polarian
> Jabber/XMPP: polarian@icebound.dev

Best regards

Davide