As Matthew Edmonds pointed out in a comment at https://review.openstack.org/425732 this was partially (perhaps completely?) fixed in master already under separate bug 1646254 which was not identified as a vulnerability.
As Matthew Edmonds pointed out in a comment at https:/ /review. openstack. org/425732 this was partially (perhaps completely?) fixed in master already under separate bug 1646254 which was not identified as a vulnerability.