I'm wondering if it wouldn't be better to just backport the current VLC to the stable releases' backports repositories if it's not possible to publish security updates in time. Better to have a "leap" in versions than to leave users behind with vulnerable software. But then there would have to be some kind of announcement that backports not only contain newer versions of software, but also security-related updates.
-- vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors https://bugs.launchpad.net/bugs/122207 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
