[keycloak-user] RH-SSO security patches in Keycloak

LAGIER Aymeric Aymeric.LAGIER at ext.imprimerienationale.fr
Mon Feb 5 04:55:24 EST 2018


Hi,

I have already ask about theses vulnerabilities (cf my previous email in
attachments).
I didn't receive answers.

Thanks

-----Message d'origine-----
De : keycloak-user-bounces at lists.jboss.org
[mailto:keycloak-user-bounces at lists.jboss.org] De la part de RickT153 .
Envoyé : lundi 5 février 2018 10:41
À : keycloak-user at lists.jboss.org
Objet : [keycloak-user] RH-SSO security patches in Keycloak

Hello,

I have found that there have been a few security issues, which have been
patched for RH-SSO.

https://access.redhat.com/errata/RHSA-2017:2904

I assume that Keycloak has been affected by the same problems, as RH-SSO is
based on Keycloak. However, I could not find any resources indicating that
any fixes have been applied to Keycloak.

So what is the current status on this subject? Is the latest version of
Keycloak affected by those vulnerabilities? Have they been patched? I will
appreciate any answer to those questions. More so, if the answers include
links from which I can confirm the answers for myself.

Thanks and best regards,
Patrick
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An embedded message was scrubbed...
From: "LAGIER Aymeric" <Aymeric.LAGIER at ext.imprimerienationale.fr>
Subject: Keycloak CVE
Date: Fri, 8 Dec 2017 11:14:48 +0100
Size: 9364
Url: http://lists.jboss.org/pipermail/keycloak-user/attachments/20180205/c8334628/attachment.mht 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5589 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20180205/c8334628/attachment.bin 


More information about the keycloak-user mailing list