Comment 1 for bug 1532198

Hajo Möller (dasjoe) wrote :

Just for completeness sake, a CVE was assigned to ZFS on Linux, CVE-2015-3400.
This is based on an issue that was exclusive to Debian.

See for the assignment and for the details.

In short, ZoL's Debian then-maintainer (who is not Debian's current ZoL maintainer, if I am not mistaken) built the "official" ZoL Debian packages with additional patches.
Those patches were subject to above's CVE, the issue has since been fixed and affected Debian exclusively.