Debian does commit to security support for packages in main, i expect they will backport the patch to their current version and send notification from security-announce when an update is released. Also keep an eye on https://security-tracker.debian.org/tracker/CVE-2013-4547