You mean upgrade applications that depend on that core library. Which you have to do anyway since a patched library will not be bug-compatible with the old one.
That's the biggest issue, if you test with library version X and run with library version Y, then any sufficiently complicated program will have bugs that would have been found by testing with the same version of the library you run with.
Responsible library maintainers ensure that security fixes and subminor releases are drop-in replacements. No distro rebuilds the world under these circumstances.
That's the biggest issue, if you test with library version X and run with library version Y, then any sufficiently complicated program will have bugs that would have been found by testing with the same version of the library you run with.