Re: [keycloak-dev] How to report security problem
Hello,
just a quick follow-up IIRC there was also a link with something like
"Found a Security issue? report it here" on the keycloak.org
website a while ago - might also have been the website of the Red Hat SSO
product. Anyways keycloak.org should have a
more visible link / section with details about reporting security issues.
Cheers,
Thomas
2016-10-12 9:36 GMT+02:00 Thomas Darimont <thomas.darimont(a)googlemail.com>:
Hello Hiroyuki,
Just create a new issue here https://issues.jboss.org/projects/KEYCLOAK
Mark it as Security Sensitive Issue (x) This issue is security relevant.
Cheers,
Thomas
2016-10-12 9:30 GMT+02:00 Hiroyuki Wada <wadahiro(a)gmail.com>:
> Hello,
>
> I have security concern in Keycloak server. It might be a vulnerability.
> Where should I report this problem?
>
>
> Regards,
>
> --
> Hiroyuki Wada,
> Developer,
> Nomura Research Institute, Ltd.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>