- Issued: 2025-07-23
- Updated: 2025-07-23
RHSA-2025:11639 - Security Advisory
Synopsis
Moderate: Red Hat Single Sign-On 7.6.12 security update on RHEL 8
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.6.12 packages are now available for Red Hat
Enterprise Linux 8.
Description
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.12 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.11, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. This security update has moderate impact.
Security fixes:
- org.wildfly.core/wildfly-core-management-client: Wildfly vulnerable to Cross-Site Scripting (XSS) (CVE-2024-10234)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Single Sign-On 7.6 for RHEL 8 x86_64
Fixes
- BZ - 2320848 - CVE-2024-10234 wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)
CVEs
Red Hat Single Sign-On 7.6 for RHEL 8
| Package | Checksum |
|---|---|
| SRPM | |
| rh-sso7-keycloak-18.0.19-1.redhat_00002.1.el8sso.src.rpm | SHA-256: 387ebd23274d0320e4ef1d20311f0ccc8d276ad84ef57d311035816a9129637d |
| x86_64 | |
| rh-sso7-keycloak-18.0.19-1.redhat_00002.1.el8sso.noarch.rpm | SHA-256: 6d1ea14c26737b88946ccd71c50df66e930a43b755763a039a93de0a87a028d1 |
| rh-sso7-keycloak-server-18.0.19-1.redhat_00002.1.el8sso.noarch.rpm | SHA-256: ca10b29f06b83454fb9f6ff1fbd8b93dbf8844bac608416ca4aa8629df123634 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.