Comment 6 for bug 1761054

Adding a "won't fix" state for security advisory publication, as the vulnerability management team considers information leaks in DEBUG level logs as "a vulnerability in experimental or debugging features not intended for production use" (class B3 in the report taxonomy): https://security.openstack.org/vmt-process.html#incident-report-taxonomy