Comment 6 for bug 651610

On Zesty, I tried to reproduce the CVE before the patch and was able to, after patching the package, rebuilding, and restarting the thumbnailer service I no longer could reproduce the issue.