Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.
This asynchronous patch is a security update for wildfly-core and apache-cxf packages in Red Hat Single Sign-On 7.2.
Security Fix(es):
apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* (CVE-2018-8039)
wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files. (CVE-2018-10862)