@Jeremy and other VMT people: Now that it looks like we're closing in on a solution, how can we handle this? It would be good if we could give operators a heads up before the OSSN is published, because until they both have os-brick patched on all computes and the config file deployed on all hosts with a new password, they can't really fix this (except to change the password early so that no new connections to the backend can be made, which would be pretty disruptive). The statement in the description says "This embargo shall not extend past 2020-05-27 and will be made
public by or on that date if no fix is identified" -- since a fix has been identified, can we extend the embargo a bit?
@Jeremy and other VMT people: Now that it looks like we're closing in on a solution, how can we handle this? It would be good if we could give operators a heads up before the OSSN is published, because until they both have os-brick patched on all computes and the config file deployed on all hosts with a new password, they can't really fix this (except to change the password early so that no new connections to the backend can be made, which would be pretty disruptive). The statement in the description says "This embargo shall not extend past 2020-05-27 and will be made
public by or on that date if no fix is identified" -- since a fix has been identified, can we extend the embargo a bit?