Bug 1826666 Comment 6 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Original comment by

Olli Pettay [:smaug][bugs@pettay.fi]

on 2023-04-21 05:47:27 PDT

### Beta/Release Uplift Approval Request
* **User impact if declined**: 
* **Is this code covered by automated tests?**: Yes
* **Has the fix been verified in Nightly?**: Yes
* **Needs manual test from QE?**: Yes
* **If yes, steps to reproduce**: 
* **List of other uplifts needed**: None
* **Risk to taking this patch**: Low
* **Why is the change risky/not risky? (and alternatives if risky)**: 
* **String changes made/needed**: 
* **Is Android affected?**: Yes

### ESR Uplift Approval Request
* **If this is not a sec:{high,crit} bug, please state case for ESR consideration**: 
* **User impact if declined**: 
* **Fix Landed on Version**: 
* **Risk to taking this patch**: Low
* **Why is the change risky/not risky? (and alternatives if risky)**: 

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: There is no known exploit and atm it is unclear how to reach the problematic state, but the patch, which is created based on code inspection, is very trivial and the patch applies to mozilla-central, beta and esr.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Yes
* **Which older supported branches are affected by this flaw?**: all
* **If not all supported branches, which bug introduced the flaw?**: None
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This should be very safe.
* **Is Android affected?**: Yes

Revision 1 by

Olli Pettay [:smaug][bugs@pettay.fi]

on 2023-04-21 05:48:01 PDT

### Beta Uplift Approval Request
### ESR Uplift Approval Request
### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: There is no known exploit and atm it is unclear how to reach the problematic state, but the patch, which is created based on code inspection, is very trivial and the patch applies to mozilla-central, beta and esr.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Yes
* **Which older supported branches are affected by this flaw?**: all
* **If not all supported branches, which bug introduced the flaw?**: None
* **Do you have backports for the affected branches?**: Yes
* **If not, how different, hard to create, and risky will they be?**: 
* **How likely is this patch to cause regressions; how much testing does it need?**: This should be very safe.
* **Is Android affected?**: Yes