okular_17.12.2-2.1_source.changes, I believe that means that CVE-2018-1000801 will be fixed for unstable.
What I'm wondering is why not going directly to 18.08.1+, where the issue has been fixed upstream for months: I myself use experimental version (18.04) for months, and it behaves way better than 17.12.
Specifically there was the issue with /saving/ and /annotations/: https://bugs.kde.org/show_bug.cgi?id=397373
And there was also an even more annoying issue, for which I've seen no descriptions though, which implied frequent crashes of Okular when doing some mouse annotations, with consequence being unsaved annotations lost: that doesn't occur anymore with 18.04.
So I'm wondering if there is something wrong with 18.081+ version?