[keycloak-user] RH-SSO security patches in Keycloak

mj lists at merit.unu.edu
Mon Feb 5 05:05:49 EST 2018


Well...I tried that, but was getting: "This issue can't be viewed" for 
KEYCLOAK-5225 for example.

Anyway, I guess that even though we cannot see the fix, the fix does 
actually exist and work :-)

Thanks!

MJ

On 02/05/2018 10:53 AM, Sebastien Blanc wrote:
> Hi,
> 
> In the document you shared, in the fixes list, if you click one you will
> see that each bugzilla issue has also an upstream issue linked and that it
> is fixed.
> For instance : https://bugzilla.redhat.com/show_bug.cgi?id=1484111
> indicates in the comment a link to
> https://issues.jboss.org/browse/KEYCLOAK-5234
> 
> Seb
> 
> 
> On Mon, Feb 5, 2018 at 10:40 AM, RickT153 . <rickt15392 at googlemail.com>
> wrote:
> 
>> Hello,
>>
>> I have found that there have been a few security issues, which have been
>> patched for RH-SSO.
>>
>> https://access.redhat.com/errata/RHSA-2017:2904
>>
>> I assume that Keycloak has been affected by the same problems, as RH-SSO is
>> based on Keycloak. However, I could not find any resources indicating that
>> any fixes have been applied to Keycloak.
>>
>> So what is the current status on this subject? Is the latest version of
>> Keycloak affected by those vulnerabilities? Have they been patched? I will
>> appreciate any answer to those questions. More so, if the answers include
>> links from which I can confirm the answers for myself.
>>
>> Thanks and best regards,
>> Patrick
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> 


More information about the keycloak-user mailing list