Bugzilla

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: Unknown, as this will mostly just lead to races inside the Mesa driver. This only affects the Linux + Nouveau population, and the most common symptom will be frequent crashes when viewing Canvas2D content.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown
* **Which older supported branches are affected by this flaw?**: 110
* **If not all supported branches, which bug introduced the flaw?**: Bug 110
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This ensures accelerated Canvas2D can't be used in anything other than the content process, which was the case prior to 110 anyway. We generally should never be creating accelerated Canvas2D contexts in any other process than a content process anyway, since these are not typically long-running use-cases that benefit from heavy acceleration.
* **Is Android affected?**: No

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: Unknown, as this will mostly just lead to races inside the Mesa driver. This only affects the Linux + Nouveau population, and the most common symptom will be frequent crashes when viewing Canvas2D content. However, given the crash frequency compared to the size of this population (only 3.5% of Linux users), the crash frequency is a bit worrying.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown
* **Which older supported branches are affected by this flaw?**: 110
* **If not all supported branches, which bug introduced the flaw?**: Bug 110
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This ensures accelerated Canvas2D can't be used in anything other than the content process, which was the case prior to 110 anyway. We generally should never be creating accelerated Canvas2D contexts in any other process than a content process anyway, since these are not typically long-running use-cases that benefit from heavy acceleration.
* **Is Android affected?**: No

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: Unknown, as this will mostly just lead to races inside the Mesa driver. This only affects the Linux + Nouveau population, and the most common symptom will be frequent crashes when using browser features that rely on any form of screenshotting or otherwise utilize Canvas2D. However, given the crash frequency compared to the size of this population (only 3.5% of Linux users), the crash frequency is a bit worrying.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown
* **Which older supported branches are affected by this flaw?**: 110
* **If not all supported branches, which bug introduced the flaw?**: Bug 110
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This ensures accelerated Canvas2D can't be used in anything other than the content process, which was the case prior to 110 anyway. We generally should never be creating accelerated Canvas2D contexts in any other process than a content process anyway, since these are not typically long-running use-cases that benefit from heavy acceleration.
* **Is Android affected?**: No

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: Unknown, as this will mostly just lead to races inside the Mesa driver. This only affects the Linux + Nouveau population, and the most common symptom will be frequent crashes when using browser features that rely on any form of Canvas2D-based screenshotting or otherwise utilize Canvas2D. However, given the crash frequency compared to the size of this population (only 3.5% of Linux users), the crash frequency is a bit worrying.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown
* **Which older supported branches are affected by this flaw?**: 110
* **If not all supported branches, which bug introduced the flaw?**: Bug 110
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This ensures accelerated Canvas2D can't be used in anything other than the content process, which was the case prior to 110 anyway. We generally should never be creating accelerated Canvas2D contexts in any other process than a content process anyway, since these are not typically long-running use-cases that benefit from heavy acceleration.
* **Is Android affected?**: No

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: Unknown, as this will mostly just lead to races inside the Mesa driver. This only affects the Linux + Nouveau population, and the most common symptom will be frequent crashes when using browser features that rely on any form of Canvas2D-based screenshotting or otherwise utilize Canvas2D in the parent process. However, given the crash frequency compared to the size of this population (only 3.5% of Linux users), the crash frequency is a bit worrying.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown
* **Which older supported branches are affected by this flaw?**: 110
* **If not all supported branches, which bug introduced the flaw?**: Bug 110
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This ensures accelerated Canvas2D can't be used in anything other than the content process, which was the case prior to 110 anyway. We generally should never be creating accelerated Canvas2D contexts in any other process than a content process anyway, since these are not typically long-running use-cases that benefit from heavy acceleration.
* **Is Android affected?**: No