This was fixed long enough ago that the vulnerable branches are no longer supported, so I'm marking our security advisory task Won't Fix.
This was fixed long enough ago that the vulnerable branches are no longer supported, so I'm marking our security advisory task Won't Fix.