On Thu, Sep 22, 2016 at 03:02:40PM +1200, Alex King wrote: > https://security-tracker.debian.org/tracker/CVE-2016-6662 > > This page lists mariadb-10.0 as fixed in jessie but still vulnerable > in jessie (security) > > That seems the wrong way around to me?
No, that's correct. The fixed version entered the archive via the latest point update. Cheers, Moritz