Note that you've changed the information type of this bug to Public Security, indicating it represents a possible security vulnerability. Since the OpenStack Vulnerability Management Team (VMT) does not officially oversee[*] the neutron-vpnaas deliverable, I'm adding a security advisory task with a Won't Fix status to indicate we're not tracking this for any future advisory publication.
[*] https://security.openstack.org/repos-overseen.html ** Also affects: ossa Importance: Undecided Status: New ** Changed in: ossa Status: New => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1938284 Title: Missing Diffie-Hellman-Groups Status in neutron: In Progress Status in OpenStack Security Advisory: Won't Fix Bug description: The values for the pfs (perfect forward secrecy) when creating an ike or ipsec policy are limited to the Diffie-Hellman-Groups 2,5 and 14. Strongswan as the default provider supports more than these 3 groups, e.g. group20(ecp384). To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1938284/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
