is keycloak security issue being addressed?
45 views
Skip to first unread message
Doug Whitfield
Nov 18, 2021, 11:22:23 AM11/18/21
to Keycloak User
Hi folks,
One of our customers submitted https://issues.redhat.com/browse/KEYCLOAK-19551 on 2021-10-14 but they appear to have not received any feedback from the developers. As this is a security issue, we cannot see the issue in the system.
Are there any devs on this mailing list? Can you confirm this issue is being worked on?
We have some ideas on how to fix it. None of them are super pleasant, though one would be very easy to implement. I'm not saying it would be an easy choice to implement as I said, none of the options are seem pleasant to us. If there is a decision to not fix the issue due to the performance tradeoffs, then that would be understandable. However, we would just like to get some word from the team that it is on a roadmap to even think about.
One of our customers submitted https://issues.redhat.com/browse/KEYCLOAK-19551 on 2021-10-14 but they appear to have not received any feedback from the developers. As this is a security issue, we cannot see the issue in the system.
Are there any devs on this mailing list? Can you confirm this issue is being worked on?
We have some ideas on how to fix it. None of them are super pleasant, though one would be very easy to implement. I'm not saying it would be an easy choice to implement as I said, none of the options are seem pleasant to us. If there is a decision to not fix the issue due to the performance tradeoffs, then that would be understandable. However, we would just like to get some word from the team that it is on a roadmap to even think about.
Best Regards,
Doug Whitfield
Reply all
Reply to author
Forward
0 new messages