Using a package manager vs compiling from source for latest updates
Solution 1:
Security vulnerabilites in packages gets backported by Ubuntu developers into the ubuntu-maintained package. Even though you might not always get the latest software-versions, you will be assured that the version you have installed is supported with security upgrades through the entire life-cycle of the Ubuntu release.
I recommend you to use the available ubuntu-packages whenever possible. If you need a newer version of a package because of a lacking feature in the current version, you should check for a maintained third-party PPA (Personal Package Archive).
Solution 2:
And when you examine the change logs, you'll see that those same vulnerabilities are fixed in the most recent packages.
This practice is called backporting - new versions are avoided, since they might introduce new features (and bugs). The security vulnerability patches are applied, but the version number of the software in use does not change.