Download
| Alert*
|
oval:org.secpod.oval:def:503245
The keycloak-httpd-client-install packages provide various libraries and tools that can automate and simplify the configuration of Apache httpd authentication modules when registering as a Red Hat Single Sign-On federated Identity Provider client. The following packages have been upgraded to a lat ... oval:org.secpod.oval:def:113911 Keycloak is a federated Identity Provider . Apache HTTPD supports a variety of authentication modules which can be configured to utilize a Keycloak IdP to perform authentication. This package contains libraries and tools which can automate and simplify configuring an Apache HTTPD authentication modu ... oval:org.secpod.oval:def:1700240 It was discovered that keycloak-httpd-client-install uses a predictable log file name in /tmp. A local attacker could create a symbolic link to a sensitive location, possibly causing data corruption or denial of service.In keycloak-http-client-install prior to version 0.8, the admin password could b ... oval:org.secpod.oval:def:1504216 [0.8-1] - Resolves: rhbz#1673716 - Rebase k-h-c-i to version 0.8 - The rebase also includes fixes for: - rhbz#1533190 - CVE-2017-15111 keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloak_cli.py - rhbz#1533202 - CVE-2017-15112 keycloak-httpd-client-install: unsafe use ... oval:org.secpod.oval:def:205296 The keycloak-httpd-client-install packages provide various libraries and tools that can automate and simplify the configuration of Apache httpd authentication modules when registering as a Red Hat Single Sign-On federated Identity Provider client. The following packages have been upgraded to a lat ... |
