Audit the Content Process Sandbox Level bump in ESR68.8 on Windows
To fix CVE-2020-12388 and CVE-2020-12389, Mozilla set security.sandbox.content.level
to 6
.
The code to support that was backported to ESR: https://hg.mozilla.org/mozilla-unified/file/esr68/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp#l505
Correctness and completeness of the backport should be audited.