There is a long-standing bug in network-manager that is present in Ubuntu 13.04 up to 16.10 leading to the addition of default gateway to /etc/resolv.conf and possible DNS leakage while using a VPN. The bug is fixed in network-manager>=1.4.4.
Could we have these bugfixes backported to the supported Ubuntu LTS?
This seems like a duplicate of your AskUbuntu question: https://askubuntu.com/questions/1062117/
It’s not a suggestion (or question). It’s a bug, and relevant discussion should take place in the bug report. So I’m closing it here.
“Please fix this bug” is not usually helpful. Read the bug report to find out what progress has been made, or what is blocking progress. Remember than many bugs are fixed by volunteer contributors - YOU can help fix bugs, too.
Read up on how security bugs, Stable Release Updates, and Backports work.