Hi Geert, On Mon, Feb 29, 2016 at 08:58:00PM +0100, Geert Stappers wrote: > Hi, > > https://security-tracker.debian.org/tracker/CVE-2016-1898 > mentions wheezy and stretch, but not jessie, neither jessie-backports. > > CVE-2016-1898 is about a ffmpeg vulnerbility. > > ffmpeg is not in jessie, but it is in jessie-backports. > > The CVE-2016-1898 vulnerbility is is fixed in jessie-backports. > > What needs to be done that the Debian security-tracker > reports status of packages in backports?
There is some discussion about this in #664866. But we haven't progress on having that correctly since then. Regards, Salvatore
