After further discussion with Vishal Manchanda, the risk implied by this bug is minor enough that the most expedient solution will be to go public with it now and follow our lower-effort public security process: https://security.openstack.org/vmt-process.html#process
Please push the proposed fix(es) to Gerrit and mention this report in the commit message, so it can be reviewed there with full context.
After further discussion with Vishal Manchanda, the risk implied by this bug is minor enough that the most expedient solution will be to go public with it now and follow our lower-effort public security process: https:/ /security. openstack. org/vmt- process. html#process
Please push the proposed fix(es) to Gerrit and mention this report in the commit message, so it can be reviewed there with full context.