Comment 24 for bug 1732067

It seems like bug 1841622 was opened for an alternative fix for this even though all the discussion about the problem happened here. The code change associated with that duplicate bug is currently active, but the bug is not marked as a suspected vulnerability like this one.

Is there still any indication that this bug could represent an exploitable security vulnerability in deployments, which can be patched safely in supported stable branches as well? If not, then we should probably convert this to a regular bug report and close the security advisory task associated with it.

Regardless, I suspect bug 1841622 should be folded back into this one to limit confusion since it's not reporting a bug but rather describing a potential fix for this existing bug.