It's a bad thing for Linux platforms, which should use the system version of ffmpeg; however, that's something much easier to solve when you're actually the Linux distribution, rather than a third party.
Note that many of the changes in this fork come from the Debian packaging of Chromium.
IMO Google is in a better position to deal with ffmpeg security updates than Debian is. Google is spending a lot of effort into fuzz testing ffmpeg[1] and other components of Chrome and also rolls out updates very quickly.
I'd expect the distro ffmpeg to not need as much updating if you're only using it for local media that you trust. But Chrome's ffmpeg has to decode media from untrusted sources so it's important that security bugs get fixed ASAP.
Note that many of the changes in this fork come from the Debian packaging of Chromium.