Comment 4 for bug 1796126

Looking at the upstream security advisory linked, I can't find any CVEs that are still open in Ubuntu. I checked all the ones categorised by upstream as Critical or High, and Ubuntu's CVE database shows them all as having fixes published in Ubuntu already.

It seems to me that this is therefore not a security issue.

Please confirm by looking for a CVE that isn't fixed by examining Ubuntu's CVE Tracker at https://people.canonical.com/~ubuntu-security/cve/. If you can find a CVE number that is specifically not fixed, then please highlight that here. Going just on the basis of the version number is not sufficient and is an FAQ item: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions