Comment 3 for bug 1375599

Thanks Ajaya. In that case I think we should probably tag this "security" to indicate it's a good opportunity for security hardening, but not issue an advisory when it's fixed and (likely) not worry about getting it backported to previous releases.