Skip to content

fixes from release/20#15982

Merged
stianst merged 4 commits intokeycloak:mainfrom
stianst:fixes-from-release/20
Dec 14, 2022
Merged

fixes from release/20#15982
stianst merged 4 commits intokeycloak:mainfrom
stianst:fixes-from-release/20

Conversation

@stianst
Copy link
Contributor

@stianst stianst commented Dec 13, 2022
edited
Loading

  • Avoid path traversal vis double-url encoding of redirect URI
  • Do not resolve user session if corresponding auth session does not exist
  • Stabilizing the ConcurrentLoginTest when running with JPA map storage by locking user sessions

@stianst stianst added this to the 21.0.0 milestone Dec 13, 2022
ahus1
ahus1 approved these changes Dec 13, 2022
View reviewed changes
Copy link
Member

@ahus1 ahus1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for these fixes!

pedroigor
pedroigor approved these changes Dec 13, 2022
View reviewed changes
Copy link
Contributor

@pedroigor pedroigor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 from my side.

@stianst stianst merged commit 0f2ca3b into keycloak:main Dec 14, 2022
@stianst stianst deleted the fixes-from-release/20 branch December 14, 2022 06:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abstractj abstractj abstractj approved these changes

@pedroigor pedroigor pedroigor approved these changes

@mposolda mposolda mposolda approved these changes

@ahus1 ahus1 ahus1 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

21.0.0

Development

Successfully merging this pull request may close these issues.

5 participants

@stianst @abstractj @pedroigor @mposolda @ahus1