Comment 7 for bug 1559239

Here's another signed-off security fix that has missed several releases (compare bug 1822630). If there are no outstanding concerns with the fix, can it be committed? Is there something else that should be done to ensure these fixes make it into the next round of releases?