Markus Koschany wrote: > Just to be clear a new upstream libav doesn't need to coincide with a > Debian security update. It wouldn't do any harm though. Important is > that we only fix security related issues and leave possible features out > that are not strictly needed to fix the CVEs.
This is not how libav security updates are handled in Debian; we've
always shipped the 0.8.x and 11.x bugfix releases in -security.
Cheers,
Moritz
