Comment 26 for bug 306362

(In reply to comment #24)
> Should we try to embargo this through vendor-sec, or just go ahead and commit
> the patch to git under the assumption that since it's already in the Debian BTS
> it's public?

v-s is already aware of this issue, we already passed the previously proposed embargo date and there was not request for extension. Given the Debian bug, I don't think there's any need for further embargo.