For me, if it is still supported today then we should issue the OSSA. -bryan On Thu, Jan 30, 2014 at 5:32 PM, Jeremy Stanley <fungi at yuggoth.org> wrote: > On 2014-01-30 17:17:53 -0800 (-0800), Bryan D. Payne wrote: > > Are you thinking an OSSN or an OSSA? The advisory (OSSA) is > > often what is used for security issues that have been fixed and > > we want to tell people to upgrade. The note (OSSN) is often what > > is used for guidance on configuring one's system securely. > > Good point. It looks like this was fixed early in the Havana > development cycle, but not dealt with as a security vulnerability > nor brought to the VMT's attention at the time. Since QPid support > seems to have been in place around the Essex release we could in > theory issue a retroactive OSSA affecting Grizzly (but its end of > support is only about a month away now). Thoughts? > -- > Jeremy Stanley > > _______________________________________________ > Openstack-security mailing list > Openstack-security at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140130/1317516e/attachment.html>