Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#66642 - [keycloak] [Security] arbitrary code execution (CVE-2020-1714)

Attached to Project: Community Packages
Opened by Morten Linderud (Foxboron) - Wednesday, 13 May 2020, 21:23 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Sunday, 17 May 2020, 23:49 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Sven-Hendrik Haase (Svenstaro)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Urgent
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No



The package keycloak is vulnerable to arbitrary code execution via CVE-2020-1714.


Upgrade the package to newest release or pull the patch.

This task depends upon

Closed by  Sven-Hendrik Haase (Svenstaro)
Sunday, 17 May 2020, 23:49 GMT
Reason for closing:  Fixed
Comment by Sven-Hendrik Haase (Svenstaro) - Wednesday, 13 May 2020, 23:26 GMT
PR patch applied and pushed in 10.0.0-2. Also updated our own installation of keycloak.