FreeBSD Bugzilla – Attachment 255465 Details for
Bug 282983
net/keycloak: Update to 26.0.6
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
security/vuxml
security_vuxml.diff (text/plain), 1.62 KB, created by
Matthias Wolf
on 2024-11-26 10:08:50 UTC
(
hide
)
Description:
security/vuxml
Filename:
MIME Type:
Creator:
Matthias Wolf
Created:
2024-11-26 10:08:50 UTC
Size:
1.62 KB
patch
obsolete
>diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml >index 68f45eb976..eec3f260c1 100644 >--- a/security/vuxml/vuln/2024.xml >+++ b/security/vuxml/vuln/2024.xml >@@ -1,3 +1,38 @@ >+ <vuln vid="7d7a28cd-7f5a-450a-852f-c49aaab3fa7e"> >+ <topic>keycloak -- Multiple security fixes</topic> >+ <affects> >+ <package> >+ <name>keycloak</name> >+ <range><lt>26.0.6</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Keycloak reports:</p> >+ <blockquote cite="https://www.keycloak.org/2024/11/keycloak-2606-released.html"> >+ <p>This update includes 5 security fixes:</p> >+ <ul> >+ <li>CVE-2024-10451: Sensitive Data Exposure in Keycloak Build Process</li> >+ <li>CVE-2024-10270: Potential Denial of Service</li> >+ <li>CVE-2024-10492: Keycloak path trasversal</li> >+ <li>CVE-2024-9666: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability</li> >+ <li>CVE-2024-10039: Bypassing mTLS validation</li> >+ </ul> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2021-9666</cvename> >+ <cvename>CVE-2021-10039</cvename> >+ <cvename>CVE-2021-10270</cvename> >+ <cvename>CVE-2021-10451</cvename> >+ <cvename>CVE-2021-10492</cvename> >+ </references> >+ <dates> >+ <discovery>2024-11-22</discovery> >+ <entry>2024-11-25</entry> >+ </dates> >+ </vuln> > <vuln vid="889eddee-a964-11ef-b680-4ccc6adda413"> > <topic>qt6-webengine -- Multiple vulnerabilities</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=255465">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 282983
:
255464
| 255465