Re: [keycloak-user] RH-SSO security patches in Keycloak

Monday, 5 February 2018

Hi,

In the document you shared, in the fixes list, if you click one you will
see that each bugzilla issue has also an upstream issue linked and that it
is fixed.
For instance : https://bugzilla.redhat.com/show_bug.cgi?id=1484111
indicates in the comment a link to
https://issues.jboss.org/browse/KEYCLOAK-5234

Seb

On Mon, Feb 5, 2018 at 10:40 AM, RickT153 . <rickt15392(a)googlemail.com&gt;
wrote:

...
 Hello,

 I have found that there have been a few security issues, which have been
 patched for RH-SSO.

 https://access.redhat.com/errata/RHSA-2017:2904

 I assume that Keycloak has been affected by the same problems, as RH-SSO is
 based on Keycloak. However, I could not find any resources indicating that
 any fixes have been applied to Keycloak.

 So what is the current status on this subject? Is the latest version of
 Keycloak affected by those vulnerabilities? Have they been patched? I will
 appreciate any answer to those questions. More so, if the answers include
 links from which I can confirm the answers for myself.

 Thanks and best regards,
 Patrick
 _______________________________________________
 keycloak-user mailing list
 keycloak-user(a)lists.jboss.org
 https://lists.jboss.org/mailman/listinfo/keycloak-user

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Re: [keycloak-user] RH-SSO security patches in Keycloak