We do our best to triage all new security bugs in a timely fashion. These bugs were no exception. They were assigned a sec-moderate rating as they present a limited risk and were added to our bug-fix queue.
Mozilla has limited engineering resources, and we use these security ratings to guide which bugs we work on. The queue of sec-moderate bugs is always being worked on, and unfortunately, we just haven’t gotten to these yet. Al Billings Platform Engineering Security Program Manager _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
