Bruno Oliveira da Silva
Bruno Oliveira da Silva
Hi pronix, why not create a gist? Less verbose, and better to discuss. What you did at your specs? I didn't see. Please, let me know
@aeisenberg @adityasharad @JacquesLeRoux thank you for the information provided here. On [Keycloak](https://www.keycloak.org/) we have the same issue https://github.com/keycloak/keycloak/actions/runs/1865950407. Reading the discussion here helped to identify the issue at least, which...
@mhajas even though I agree with @Minhception that it is a good security practice to use separate keys for signing and encryption, and I understand why it was flagged as...
@trixpan thanks for bringing it to our attention, and unfortunately, we need to wait until the next upgrade of Quarkus and WildFly. Keycloak legacy is built on top of WildFly...
In order to update the postgresql dependency, we depend on https://github.com/keycloak/keycloak/issues/12210
@sguilhen do you think we need integration tests for those changes?
@jonkoops we definitely should get rid of those examples at some point, and eventually suggest an alternative to the community. Having those as part of the documentation has some disadvantages...
@ahus1 do you know if the fix was shipped on 19.0.2? We got some reports from people mentioning the opposite, please see the comments above.
@tob123 thanks for bringing it to our attention. You are correct, we refer to Elytron 1.18.3. The lastest stable release of Elytron is 1.19.0.Final, which is still contains a vulnerable...
More details here: - https://github.com/keycloak/keycloak/pull/13740#issuecomment-1215271827 - https://github.com/keycloak/keycloak/pull/12211#issuecomment-1148718886