Comment 8 for bug 1183884

It's best if a security fix can be as discrete and self-contained as possible, since this helps downstream distributors backport it more easily to arbitrary releases they may be packaging/supporting. I'm in the process of drafting an attempted impact description for this and need to get a couple swift core +2 votes in this bug (subscribed them just now) for the fix proposed in comment #2 or some alternative minimal implementation.