Comment 24 for bug 1809156

for trusty, as you wish! my update is based on this one, so better go ahead with this fix and wait for the other to land later, or go ahead with the other and avoid this upload, as you want!

the 4.3.40 update contains this fix, so you can use the approach you prefer.

I would say since this is mostly a no-change upload, we can make this one reach security, and then take our time for the "big update to 4.3.40", so in case of regressions in the big one, we will have a stable baseline with this CVE fixed.