If you look at each advisory, it will tell you the recommended version to get away from these issues. CVE-2015-3194 and CVE-2015-3195 require 1.0.1q while CVE-2015-3196 requires 1.0.1p (so we aren't affected by the second). The others only affect 1.0.2, which is not on 14.1. Both issues are classified as "moderate" and don't seem to cause any potential hacking points. Pat only provides patches when he feels the severity warrants the possible instability a patch can introduce. So we'll have to wait and see if he decides to put out patches.
If you're worried about these issues, it might be worth updating to the newer version yourself and then if Pat releases a version later, you can just install that (if desired).
|