### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: Creating a full exploit from this would be hard, but identifying the bad state we're avoiding isn't that hard for one of the few people well-versed in GL state. (but this very few people) * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No * **Which branches (beta, release, and/or ESR) are affected by this flaw, and do the release status flags reflect this affected/unaffected state correctly?**: beta, release, esr128 * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: Should be easy * **How likely is this patch to cause regressions; how much testing does it need?**: Unlikely. I tested it on all of #1-11 fuzzing testcases generated by the Reporter, the previous testcase in bug 1914707, as well as the real-world misrendering in bug 1929834: No issues anymore. * **Is the patch ready to land after security approval is given?**: Yes * **Is Android affected?**: No ### Beta/Release Uplift Approval Request * **User impact if declined/Reason for urgency**: * **Is this code covered by automated tests?**: Yes * **Has the fix been verified in Nightly?**: Yes * **Needs manual test from QE?**: Yes * **If yes, steps to reproduce**: * **List of other uplifts needed**: None * **Risk to taking this patch**: Low * **Why is the change risky/not risky? (and alternatives if risky)**: * **String changes made/needed**: * **Is Android affected?**: Yes ### ESR Uplift Approval Request * **If this is not a sec:{high,crit} bug, please state case for ESR consideration**: * **User impact if declined**: * **Fix Landed on Version**: * **Risk to taking this patch**: Low * **Why is the change risky/not risky? (and alternatives if risky)**:
Bug 1924184 Comment 26 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: Creating a full exploit from this would be hard, but identifying the bad state we're avoiding isn't that hard for one of the few people well-versed in GL state. (but this very few people) * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No * **Which branches (beta, release, and/or ESR) are affected by this flaw, and do the release status flags reflect this affected/unaffected state correctly?**: beta, release, esr128 * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: Should be easy * **How likely is this patch to cause regressions; how much testing does it need?**: Unlikely. I tested it on all of #1-11 fuzzing testcases generated by the Reporter, the previous testcase in bug 1914707, as well as the real-world misrendering in bug 1929834: No issues anymore. * **Is the patch ready to land after security approval is given?**: Yes * **Is Android affected?**: No