Bug 1506665 Comment 50 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: It seems not easy, but it might be possible to construct.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No
* **Which older supported branches are affected by this flaw?**: Firefox 59
* **If not all supported branches, which bug introduced the flaw?**: Bug 1427668
* **Do you have backports for the affected branches?**: No
* **If not, how different, hard to create, and risky will they be?**: It is not difficult. Risk is same to the current path.
* **How likely is this patch to cause regressions; how much testing does it need?**: I locally tested with 1506665 Comment.t The patch addressed Tab crashes for me. There might still exist a route to cause nullptr GLContext access.
Testing with Bug 1506665 Comment 5 seems necessary.
### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: It seems not easy, but it might be possible to construct.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No
* **Which older supported branches are affected by this flaw?**: Firefox 59
* **If not all supported branches, which bug introduced the flaw?**: Bug 1427668
* **Do you have backports for the affected branches?**: No
* **If not, how different, hard to create, and risky will they be?**: It is not difficult. Risk is same to the current path.
* **How likely is this patch to cause regressions; how much testing does it need?**: I locally tested with 1506665 Comment 5. The patch addressed Tab crashes for me. There might still exist a route to cause nullptr GLContext access.
Testing with Bug 1506665 Comment 5 seems necessary.
### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: It seems not easy, but it might be possible to construct.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No
* **Which older supported branches are affected by this flaw?**: Firefox 59
* **If not all supported branches, which bug introduced the flaw?**: Bug 1427668
* **Do you have backports for the affected branches?**: No
* **If not, how different, hard to create, and risky will they be?**: It is not difficult. Risk is same to the current path.
* **How likely is this patch to cause regressions; how much testing does it need?**: I locally tested with Bug 1506665 Comment 5. The patch addressed Tab crashes for me. There might still exist a route to cause nullptr GLContext access.
Testing with Bug 1506665 Comment 5 seems necessary.
### Security Approval Request
* **How easily could an exploit be constructed based on the patch?**: It seems not easy, but it might be possible to construct.
* **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No
* **Which older supported branches are affected by this flaw?**: Firefox 59
* **If not all supported branches, which bug introduced the flaw?**: Bug 1427668
* **Do you have backports for the affected branches?**: No
* **If not, how different, hard to create, and risky will they be?**: It is not difficult. Risk is same to the current path.
* **How likely is this patch to cause regressions; how much testing does it need?**: I locally tested with Bug 1506665 Comment 37. The patch addressed Tab crashes for me. There might still exist a route to cause nullptr GLContext access.
Testing with Bug 1506665 Comment 37 seems necessary.

Back to Bug 1506665 Comment 50