Embargoes for secondary issues

[Florian Weimer <fweimer () redhat com>]

Suppose we have an unfixed, public issue, and while working on a fix, 
other issues in the same code are discovered which are different flaws, 
but have similar impact than the original issue.

Do we need an embargo for the secondary issues, or can we just make them 
public immediately?  I would strongly prefer the latter.

--
Florian Weimer / Red Hat Product Security