Comment 6 for bug 1691662

Since this was originally opened as Public there wasn't much point in switching it to Private Security once all the nova bug subscribers were notified of it, so I've set it back to Public.

At this point, what consensus there is seems to be that this is an issue which should be corrected in documentation and/or a concern with memcached rather than any OpenStack software. It probably falls into either report class B2 (A vulnerability without a complete fix yet, security note for all versions, e.g., poor architecture / design) or C2 (A vulnerability, but not in OpenStack supported code, e.g., in a dependency) in our taxonomy, and so should not need an advisory: https://security.openstack.org/vmt-process.html#incident-report-taxonomy