The patch in comment #17 looks good. Just double checking, but it doesn't look like we have a test for the random domain bit that Kristi mentioned in comment #14.
Also, in the event we disclose this issue, do we formally agree on the work around? Which is to deactivate the affected APIs via policy.
The patch in comment #17 looks good. Just double checking, but it doesn't look like we have a test for the random domain bit that Kristi mentioned in comment #14.
Also, in the event we disclose this issue, do we formally agree on the work around? Which is to deactivate the affected APIs via policy.