[Bug 291896] FreeBSD-kernel-15.0 is vulnerable message (not using pkgbase)

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 291896] FreeBSD-kernel-15.0 is vulnerable message (not using pkgbase)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 23 Dec 2025 15:57:46 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291896

            Bug ID: 291896
           Summary: FreeBSD-kernel-15.0 is vulnerable message (not using
                    pkgbase)
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Keywords: pkgbase
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: jlduran@FreeBSD.org

The daily mail is sending (please ignore the python one):

Checking for security vulnerabilities in base (userland & kernel):
Fetching vuln.xml.xz: ......... done
FreeBSD-kernel-15.0 is vulnerable:
  FreeBSD -- ipfw denial of service
  CVE: CVE-2025-14769
  WWW:
https://vuxml.FreeBSD.org/freebsd/0b22e22a-dae9-11f0-80b8-bc241121aa0a.html

1 problem(s) in 1 package(s) found.
vulnxml file up-to-date
0 problem(s) in 0 package(s) found.

Checking for packages with security vulnerabilities:
Database fetched: 2025-12-22T04:30-05:00
python311-3.11.14

However, the system is not using pkgbase plus it has the latest freebsd-update
patches:

# freebsd-version -kru
15.0-RELEASE
15.0-RELEASE
15.0-RELEASE-p1

Flagging it under pkgbase, just in case.

-- 
You are receiving this mail because:
You are the assignee for the bug.