This software patch resolves a number of security defects and customer-reported bugs in Red Hat Single Sign-On 7.2. RH-SSO will deliver patches on a repeating schedule to resolve security defects and customer-reported bugs. Fixes for RH-SSO 7.2 will continue until RH-SSO 7.3 is released, and at that time maintenance will be delivered on RH-SSO 7.3.
Updated client adapters are released as needed to resolve customer-reported issues or security fixes. Because the adapters are released only as needed, a given cumulative patch version often will not have an associated client adapter for all products.
For more information on which client adapters are tested and supported with Red Hat Single Sign-On versions, see: Red Hat Single Sign-On adapter and server compatibility
This update includes the following bug fixes or changes:
ID | Component | Summary |
---|---|---|
KEYCLOAK-6164 | Authorization services | Authorization services client updated to support JDK7 |
KEYCLOAK-6286 | Adapters | Java adapters for RH-SSO 7.1 don't remove "session_state" from URL after login to RH-SSO 7.2 |
KEYCLOAK-6159 | Admin Console, Authorization Services | Resource Permission UI not enabling save button when no policies are set |
KEYCLOAK-6309 | Adapter | EAP 6 SAML filter fails while downloading keys from Keycloak server when SSL is enabled |
KEYCLOAK-6154 | | Exclude common-logging/codec from keycloak-osgi-thirdparty |
KEYCLOAK-6171 | Adapter - Node.js | Node.js adapter doesn't remove "session_state" from URL after login |
RHSSO-1233 (internal) | Server | Upgrade to Drools 6.5.0.Final to resolve CVE-2017-7957 in xstream |
KEYCLOAK-6474 | Server | NPE on SAML logout |
KEYCLOAK-2120 | Server | Unable to add an Authenticator app without scanning QR. Manual setting of an OTP generator (without using QR) can't be done because of missing detailed parameters (SHA1/256/512, number of digits, ...) on the Authenticator page. |
For instructions on applying a Red Hat Single Sign-On cumulative patch (also referred to as a Micro Release), see Micro Upgrades in the Red Hat Single Sign-On 7.2 Patching And Upgrading Guide.
The adapters are distributed as a full release which is intended to replace the existing adapter. Full details are available in Upgrading Red Hat Single Sign-On Adapters.