[keycloak-user] RH-SSO security patches in Keycloak
Sebastien Blanc
sblanc at redhat.com
Mon Feb 5 04:53:36 EST 2018
Hi,
In the document you shared, in the fixes list, if you click one you will
see that each bugzilla issue has also an upstream issue linked and that it
is fixed.
For instance : https://bugzilla.redhat.com/show_bug.cgi?id=1484111
indicates in the comment a link to
https://issues.jboss.org/browse/KEYCLOAK-5234
Seb
On Mon, Feb 5, 2018 at 10:40 AM, RickT153 . <rickt15392 at googlemail.com>
wrote:
> Hello,
>
> I have found that there have been a few security issues, which have been
> patched for RH-SSO.
>
> https://access.redhat.com/errata/RHSA-2017:2904
>
> I assume that Keycloak has been affected by the same problems, as RH-SSO is
> based on Keycloak. However, I could not find any resources indicating that
> any fixes have been applied to Keycloak.
>
> So what is the current status on this subject? Is the latest version of
> Keycloak affected by those vulnerabilities? Have they been patched? I will
> appreciate any answer to those questions. More so, if the answers include
> links from which I can confirm the answers for myself.
>
> Thanks and best regards,
> Patrick
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list