Update version.keycloak to v26.0.6 #28

Merged
Renovate Bot (Automatisiert) merged 1 commit from renovate/version.keycloak into main 2024-11-23 01:04:19 +01:00

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| org.keycloak:keycloak-services (source) | provided | patch | 26.0.5 -> 26.0.6 |
| org.keycloak:keycloak-server-spi-private (source) | provided | patch | 26.0.5 -> 26.0.6 |
| org.keycloak:keycloak-model-storage (source) | provided | patch | 26.0.5 -> 26.0.6 |
| org.keycloak:keycloak-server-spi (source) | provided | patch | 26.0.5 -> 26.0.6 |
| org.keycloak:keycloak-core (source) | provided | patch | 26.0.5 -> 26.0.6 |

Release Notes

keycloak/keycloak (org.keycloak:keycloak-services)

v26.0.6

Compare Source

Highlights

Admin events might include now additional details about the context when the event is fired

In this release, admin events might hold additional details about the context when the event is fired. When upgrading you should expect the database schema being updated to add a new column DETAILS_JSON to the ADMIN_EVENT_ENTITY table.

Updates to documentation of X.509 client certificate lookup via proxy

Potential vulnerable configurations have been identified in the X.509 client certificate lookup when using a reverse proxy. Additional configuration steps might be required depending on your current configuration. Make sure to review the updated reverse proxy guide if you have configured the client certificate lookup via a proxy header.

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

  • #34315 Update the Keycloak CPU and Memory sizing guide to reflect the new ec2 workder nodes
  • #34386 Some dynamic imported functions are also statically imported making bundling them in-efficient
  • #34570 Make documentation more clear that keycloak javascript adapter and node.js adapter are OIDC `docs`
  • #34855 Add conditional text to Installation Locations
  • #34873 Update Leveraging JaKarta EE in Server Development guide
  • #34887 Apply QE edits to High Availability guide

Bugs

  • #609 Workflow failure - Jakarta - SAMLServiceProviderTest.testAccessAccountManagement
  • #11008 Incorrect get the members of a group imported from LDAP `ldap`
  • #17593 Incorrect ldap-group-mapper chosen to sync changes to ActiveDirectory when several mappers with varying group paths used `ldap`
  • #19652 Members are inhereted from LDAP group with the same name `ldap`
  • #23732 JavascriptAdapterTest errors when running with strict cookies on Firefox `ci`
  • #27856 Social login - Stack Overflow test fails `ci`
  • #31456 Enabling/Disabling user does not work with Microsoft AD LDAP via Admin API/UI `ldap`
  • #32786 Organization Domain not marked as a required field in the Admin UI `admin/ui`
  • #33531 Previously entered translations should persist in the translation dialog for the attribute groups `admin/ui`
  • #34013 Add More Info to Organization Events `organizations`
  • #34065 Users without `view-realm` can't see user lockout state in Admin UI `admin/ui`
  • #34201 OIDC IdP Unable to validate signatures using validatingPublicKey certificate `admin/ui`
  • #34335 NPE in Organization(s)Resource when using Quarkus Rest Client `admin/api`
  • #34401 Incorrect Content-Type Expectation for POST /admin/realms/{realm}/organizations/{id}/members in Keycloak API `admin/api`
  • #34465 Missing help icons in Webauthn Policy and Webauthn Passwordless Policy missing in admin ui `admin/ui`
  • #34519 Clicking on link to Keycloak documentation from Keycloak admin UI does nothing instead of opening documentation `admin/ui`
  • #34549 Quarkus dev mode does not work `dist/quarkus`
  • #34572 Text in "Choose a policy type" is not wrapping `admin/ui`
  • #34603 NPE in InfinispanOrganizationProvider if userCache is disabled `infinispan`
  • #34624 Securing apps guide breaks downstream `docs`
  • #34634 Missing downstream explicit name for anchors `docs`
  • #34644 KC_CACHE_EMBEDDED_MTLS_ENABLED is ignored `infinispan`
  • #34671 `ClientConnection.getRemoteAddr` can return a hostname when behind a reverse proxy `core`
  • #34687 New credential templates broken in KC26 `login/ui`
  • #34905 [Keycloak CI] Outdated surefire artifacts names - Quarkus IT and UT `ci`
  • #35213 CVE-2024-10451 Sensitive Data Exposure in Keycloak Build Process
  • #35214 CVE-2024-10270 Potential Denial of Service
  • #35215 CVE-2024-10492 Keycloak path trasversal
  • #35216 CVE-2024-9666 Keycloak proxy header handling Denial-of-Service (DoS) vulnerability
  • #35217 CVE-2024-10039 Bypassing mTLS validation

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

Renovate Bot (Automatisiert) added 1 commit 2024-11-23 01:02:57 +01:00
Update version.keycloak to v26.0.6
All checks were successful
Keycloak mailcow Build / Build und Bereitstellung (pull_request) Successful in 19s
Keycloak mailcow Build / Build und Bereitstellung (push) Successful in 14s
95506882ce
Renovate Bot (Automatisiert) scheduled this pull request to auto merge when all checks succeed 2024-11-23 01:02:57 +01:00
Renovate Bot (Automatisiert) merged commit 95506882ce into main 2024-11-23 01:04:19 +01:00