Re: [keycloak-user] RH-SSO security patches in Keycloak

Hi, I have already ask about theses vulnerabilities (cf my previous email in attachments). I didn't receive answers. Thanks -----Message d'origine----- De : keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org] De la part de RickT153 . Envoyé : lundi 5 février 2018 10:41 À : keycloak-user(a)lists.jboss.org Objet : [keycloak-user] RH-SSO security patches in Keycloak Hello, I have found that there have been a few security issues, which have been patched for RH-SSO. https://access.redhat.com/errata/RHSA-2017:2904 I assume that Keycloak has been affected by the same problems, as RH-SSO is based on Keycloak. However, I could not find any resources indicating that any fixes have been applied to Keycloak. So what is the current status on this subject? Is the latest version of Keycloak affected by those vulnerabilities? Have they been patched? I will appreciate any answer to those questions. More so, if the answers include links from which I can confirm the answers for myself. Thanks and best regards, Patrick _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user