Comment 1 for bug 236113

Despite the original MIR, chmlib has had quite a few vulns in the past, and due to its handling of HTML and integration into browsers it makes quite a nice attack vector. Kees, Jamie, can you please give this a deeper security review and an opinion about the general sanity of chmlib? Thanks!