https://bugzilla.redhat.com/show_bug.cgi?id=1725807
--- Comment #10 from Summer Long slong@redhat.com --- Statement:
Red Hat OpenStack's OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.