Keycloak 24.0.5 release

netzbegruenung · Jun 4, 2024 · 98ccd1f · 98ccd1f
1 parent 4248c5b
commit 98ccd1f
Show file tree

Hide file tree

Showing 5 changed files with 123 additions and 1 deletion.
diff --git a/cache/releases/24.0.5/changelog.json b/cache/releases/24.0.5/changelog.json
@@ -0,0 +1,71 @@
+[ {
+  "number" : 29073,
+  "repository" : "keycloak",
+  "title" : "Use cache.compute() method to improve the replace retry loop",
+  "kind" : "enhancement",
+  "area" : null,
+  "url" : "https://github.com/keycloak/keycloak/issues/29073"
+}, {
+  "number" : 29129,
+  "repository" : "keycloak",
+  "title" : "JGroups creates log messages as it switched internally to \"trace\"",
+  "kind" : "bug",
+  "area" : "dist/quarkus",
+  "url" : "https://github.com/keycloak/keycloak/issues/29129"
+}, {
+  "number" : 29206,
+  "repository" : "keycloak",
+  "title" : "LDAP user creation reports error but user is created",
+  "kind" : "bug",
+  "area" : "ldap",
+  "url" : "https://github.com/keycloak/keycloak/issues/29206"
+}, {
+  "number" : 29280,
+  "repository" : "keycloak",
+  "title" : "Update Create Realm in Keycloak 24 Getting Started",
+  "kind" : "enhancement",
+  "area" : null,
+  "url" : "https://github.com/keycloak/keycloak/issues/29280"
+}, {
+  "number" : 29314,
+  "repository" : "keycloak",
+  "title" : "Clicking the \"save\" button multiple times in the Saml IDP configuration page corrupts the value of \"AuthnContext ClassRefs\"",
+  "kind" : "bug",
+  "area" : "admin/ui",
+  "url" : "https://github.com/keycloak/keycloak/issues/29314"
+}, {
+  "number" : 29458,
+  "repository" : "keycloak",
+  "title" : "Empty CSP header value breaks security filter",
+  "kind" : "bug",
+  "area" : "authentication",
+  "url" : "https://github.com/keycloak/keycloak/issues/29458"
+}, {
+  "number" : 29471,
+  "repository" : "keycloak",
+  "title" : "Cypress tests store videos even for passing tests",
+  "kind" : "bug",
+  "area" : "ci",
+  "url" : "https://github.com/keycloak/keycloak/issues/29471"
+}, {
+  "number" : 29525,
+  "repository" : "keycloak",
+  "title" : "Maven clean build doesn't clean admin client generated files",
+  "kind" : "bug",
+  "area" : "ci",
+  "url" : "https://github.com/keycloak/keycloak/issues/29525"
+}, {
+  "number" : 29554,
+  "repository" : "keycloak",
+  "title" : "Cypress failing on video recording",
+  "kind" : "bug",
+  "area" : "ci",
+  "url" : "https://github.com/keycloak/keycloak/issues/29554"
+}, {
+  "number" : 29625,
+  "repository" : "keycloak",
+  "title" : "Database driver install examples can lead to permission errors in some circumstances",
+  "kind" : "bug",
+  "area" : "docs",
+  "url" : "https://github.com/keycloak/keycloak/issues/29625"
+} ]
diff --git a/cache/releases/24.0.5/gh-release-notes.html b/cache/releases/24.0.5/gh-release-notes.html
@@ -0,0 +1,36 @@
+<div>
+    <h2>Highlights</h2>
+<div class="sect2">
+<h3 id="_security_issue_with_par_clients_using_client_secret_post_based_authentication">Security issue with PAR clients using client_secret_post based authentication</h3>
+<div class="paragraph">
+<p>This release contains the fix of the important security issue affecting some OIDC confidential clients using PAR (Pushed authorization request). In case you use OIDC confidential clients together
+with PAR and you use client authentication based on <code>client_id</code> and <code>client_secret</code> sent as parameters in the HTTP request body (method <code>client_secret_post</code> specified in the OIDC specification), it is
+highly encouraged to rotate the client secrets of your clients after upgrading to this version.</p>
+</div>
+</div>
+<h2>Upgrading</h2>
+<p>Before upgrading refer to <a href="file:/home/runner/work/keycloak-rel/keycloak-rel/target/web/docs/latest/upgrading/index.html#migration-changes">the migration guide</a> for a complete list of changes.</p>
+
+<h2>All resolved issues</h2>
+
+
+
+<h3>Enhancements</h3>
+<ul>
+<li><a href="https://github.com/keycloak/keycloak/issues/29073">#29073</a> Use cache.compute() method to improve the replace retry loop </li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29280">#29280</a> Update Create Realm in Keycloak 24 Getting Started </li>
+</ul>
+
+<h3>Bugs</h3>
+<ul>
+<li><a href="https://github.com/keycloak/keycloak/issues/29129">#29129</a> JGroups creates log messages as it switched internally to "trace" <code>dist/quarkus</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29206">#29206</a> LDAP user creation reports error but user is created <code>ldap</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29314">#29314</a> Clicking the "save" button multiple times in the Saml IDP configuration page corrupts the value of "AuthnContext ClassRefs" <code>admin/ui</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29458">#29458</a> Empty CSP header value breaks security filter <code>authentication</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29471">#29471</a> Cypress tests store videos even for passing tests <code>ci</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29525">#29525</a> Maven clean build doesn't clean admin client generated files <code>ci</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29554">#29554</a> Cypress failing on video recording <code>ci</code></li>
+<li><a href="https://github.com/keycloak/keycloak/issues/29625">#29625</a> Database driver install examples can lead to permission errors in some circumstances <code>docs</code></li>
+</ul>
+
+</div>
diff --git a/cache/releases/24.0.5/release-notes.html b/cache/releases/24.0.5/release-notes.html
@@ -0,0 +1,8 @@
+<div class="sect2">
+<h3 id="_security_issue_with_par_clients_using_client_secret_post_based_authentication">Security issue with PAR clients using client_secret_post based authentication</h3>
+<div class="paragraph">
+<p>This release contains the fix of the important security issue affecting some OIDC confidential clients using PAR (Pushed authorization request). In case you use OIDC confidential clients together
+with PAR and you use client authentication based on <code>client_id</code> and <code>client_secret</code> sent as parameters in the HTTP request body (method <code>client_secret_post</code> specified in the OIDC specification), it is
+highly encouraged to rotate the client secrets of your clients after upgrading to this version.</p>
+</div>
+</div>
diff --git a/pom.xml b/pom.xml
@@ -21,7 +21,7 @@
         <version.commons-io>2.11.0</version.commons-io>
         <version.commons-compress>1.26.0</version.commons-compress>
 
-        <version.keycloak>24.0.4</version.keycloak>
+        <version.keycloak>24.0.5</version.keycloak>
 
         <version.frontend-maven-plugin>1.12.1</version.frontend-maven-plugin>
         <version.node>v16.13.1</version.node>

diff --git a/versions/24.0.5.json b/versions/24.0.5.json
@@ -0,0 +1,7 @@
+{
+  "date": "2024-06-04",
+  "version": "24.0.5",
+  "blogTemplate": 3,
+  "documentationTemplate": 11,
+  "downloadTemplate": 23
+}