On Thu, Aug 31, 2017 at 04:22:50PM +0200, Sven Hartge wrote: > I think this depends entirely on the Release Managers and the Security > Team if they allow new upstream versions to fix security bugs instead > of backporting the fixes to the original version in a release. > > Until now IIRC only Firefox and Chromium and MySQL (since remove and > replaced by MariaDB) had such an exception.
This has also happened with BIND, PostgreSQL, and Samba. With Samba, we've even had major feature changes in the middle of a stable release. :( > Time will tell if the same is granted to Virtualbox.