Comment 10 for bug 2048785

Since the fix provided for the upcoming 2024.1 coordinated release requires additional actions on the part of the operator to apply to existing deployments affected by the former behavior, it won't qualify for a security advisory (OSSA) but may still warrant a security note (OSSN) if anyone feels strongly enough about the severity to draft one. The closest classes in our report taxonomy are B1/B2 (or perhaps C1 or D if the severity is deemed low enough by Neutron maintainers): https://security.openstack.org/vmt-process.html#report-taxonomy

I'm closing out our OSSA (advisory) task as "won't fix" and adding an "incomplete" OSSN task in case someone decides it's something they want to work on.