Comment 33 for bug 1029950

Agreed, this is class C1 (not practically exploitable and so not anything for which we should issue a security advisory). If there are no disagreements, I'll switch this to a regular public bug and mark the security advisory task "won't fix" on Thursday.