ChangeLog: https://www.keycloak.org/2023/01/keycloak-2003-released.html
* User role mapping tab: Show effective client roles for a user keycloak-ui
section/users
* ProviderConfigProperty.MAP_TYPE error in new UI keycloak-ui section/identity
providers
* Unable to turn on "Bypass identity confirmation" keycloak-ui
section/authentication
* Adding Form sub-flow broken on admin v2 keycloak-ui section/authentication
* Custom User Provider SPI: There are no settings to configure the periodically
synchronization of users keycloak-ui section/user federation
* Assign roles to account - paging doesn't work keycloak-ui section/users
* Realm selector requires two clicks to select something keycloak-ui
section/realms
* User management -> User in 2 subgroups with the same group name assignment
does not work keycloak-ui section/users
* Invalid language tag error when changing realm localization settings
keycloak-ui section/realm settings
* `Missing ":type" param` in the Events page when there are Client Scope
events keycloak-ui section/events
* Import client broken keycloak-ui section/clients
* New Admin Console only, unable to add client profile in the first client
policy keycloak-ui section/realm settings
* Disabling hostname strict in prod doesn't disable https keycloak dist/quarkus
* snakeyaml vulnerability GHSA-3mc7-4q67-w48m impacting CLI keycloak admin/cli
* The redirect URI cannot be verified during logout in the case when client
was removed keycloak oidc
* Wrong auth session id being used when validating auth session id cookies
keycloak core
* Update XStream to 1.4.20 to fix CVE-2022-40151 & CVE-2022-41966 keycloak
* Timeout when executing command PutMapCommand keycloak storage
* Set OkHttp to 4.10.0 in parent pom keycloak
* Lack of validation of access token on client registrations endpoint keycloak
oidc
PR: 268939
Reported by: freebsd@rheinwolf.de (maintainer)
MFH: 2023Q1 (bugfix, security fixes)
Security: CVE-2022-40151, CVE-2022-41966
(cherry picked from commit db9a594cc0)
dfa7df62bc