Comment 3 for bug 1703369

Just to confirm, this is only a risk for the upcoming Pike release, not a defect in current supported stable branches? If so, we would not issue a security advisory unless it remains unfixed at release time per report class Y ("Vulnerability only found in development release") in our taxonomy: https://security.openstack.org/vmt-process.html#incident-report-taxonomy