Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/jbossas/redhat-picketlink/pull/61, https://github.com/jbossas/redhat-picketlink-bindings/pull/47
Bugzilla References:
https://bugzilla.redhat.com/show_bug.cgi?id=1594389

This was partially fixed in EAP 6.4.19, but there are other settings ( LogOutUrl, LogOutResponseLocation, etc) in the picketlink.xml that still do not allow for variable substitution.

clones

JBEAP-14929 [GSS](7.1.z) (picketlink) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml

Closed

is related to

PLINK-776 [GSS](7.2.0) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml

Resolved

JBEAP-15316 [GSS](7.1.z) (picketlink-bindings) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml

Closed

Assignee:: Pedro Igor Craveiro

Reporter:: Jiri Ondrusek

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2018/07/16 4:30 AM

Updated:: 2018/08/27 1:43 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates