Hi Debian Security Team, Thank you for providing the great tracker system. I have a question. When it comes to CVE-2017-1000082, jessie says "fixed". https://security-tracker.debian.org/tracker/CVE-2017-1000082
But OVAL describes the following. <criterion comment="systemd DPKG is earlier than 0" test_ref="oval:org.debian.oval:tst:15314"/> In the case of buster, OVAL is like the following. <criterion comment="systemd DPKG is earlier than 234-1" test_ref="oval:org.debian.oval:tst:11877"/> Are they correct? If it is fixed, I think it should not be "0" and buster should have suffix like "~deb10uX", not "234-1". Best regards, Teppei