Comment 9 for bug 1561199

If the bug is really only in the design of Swift3 for this operation and the other changes are merely fixing non-production test tooling (in Swift) or adding support for Swift3's needs (in keystonemiddleware and python-keystoneclient), then the OpenStack VMT won't be issuing an official OpenStack Security Advisory. In that case the Swift3 team is still welcome to still follow our processes documented at https://security.openstack.org/vmt-process.html and the OpenStack VMT can provide access to the list of downstream stakeholders if coordinated disclosure and advance notification are deemed useful.