Security Updates for Keycloak

prack · June 28, 2021, 3:05pm

Hello,

I might just overlooked the documentation but how is the policy for security updates for Keycloak Major versions.

If I run Keycloak 11.0.2 do I have the latest security patches included?
When does a Keycloak major version get deprecated? (or do I have to always use the latest version right now 14.0.0)

Any advice / direction is welcome

dasniko · June 29, 2021, 5:41am

There is no real/official update-policy.
As Keycloak is an open source software with only “community support”, it is recommended to use always the most recent version to get the latest bugfixes and security patches.
As soon as there is a new major version, the previous version won’t be maintained anymore.

See also Keycloak - Blog - Keycloak Releases and Versioning

There is also a product with commercial support, fully based on Keycloak, called “Red Hat Single Sign On”. For RH-SSO other update policies apply!

prack · June 29, 2021, 6:50am

Thank you - so as i assumed to be secure we would have to always use the latest version as of now 14.0.0

Topic		Replies	Views
Official support for Keycloak	3	2570	February 7, 2022
Keycloak compatibility with RedHat Getting advice	0	266	June 10, 2022
Keycloak support LTS	1	464	May 12, 2023
Support for Opensource Keycloak Getting advice	0	317	October 10, 2022
Old Keycloak Downloads	2	3856	October 19, 2022

Security Updates for Keycloak

Related Topics