As per the CVE details in the Ubuntu CVE tracker for this CVE (https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html) you can see Marc mentions this was deferred because the specific updates to address this are not complete so we are waiting on better upstream fixes before trying to fix this in Ubuntu.
As per the CVE details in the Ubuntu CVE tracker for this CVE (https:/ /people. canonical. com/~ubuntu- security/ cve/2019/ CVE-2019- 13050.html) you can see Marc mentions this was deferred because the specific updates to address this are not complete so we are waiting on better upstream fixes before trying to fix this in Ubuntu.