Comment 8 for bug 1517277

Thanks for clarifying! Was just trying to figure out if an OSSA was needed here.

Ironic doesn't seem to currently have the vulnerability:managed tag in openstack/governance.
(See - http://governance.openstack.org/reference/tags/vulnerability_managed.html)

We will most likely need to look into that if a security advisory is required here. I'll add a OSSA task to the bug in assist the VMT with tracking.