Comment 8 for bug 1337268

We can work with the ossp (openstack security project) to get a ossn security note, such as https://wiki.openstack.org/wiki/OSSN/OSSN-0052