Comment 52 for bug 1927677

I've switched the security advisory task back to incomplete for now, while the vulnerability managers debate whether this requires errata publication or a completely new advisory.