Hi Debian Security Team,
Thank you for providing the great tracker system. I have a question. When it comes to CVE-2017-1000082, jessie says "fixed".
But OVAL describes the following.
In the case of buster, OVAL is like the following.
Are they correct? If it is fixed, I think it should not be "0" and buster should have suffix like "~deb10uX", not "234-1".
Best regards,
Teppei
|