Comment 5 for bug 1425206

Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.

I'm still not convinced that debug related issues should be treated as vulnerabilities and/or under embargo, though I put back the OSSA task as incomplete for further discussion...