Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Make sure updates do not allow updating the resource associated with the uma policy#46154

Merged
stianst merged 1 commit intokeycloak:mainfrom
pedroigor:issue-297
Feb 10, 2026
Merged

Make sure updates do not allow updating the resource associated with the uma policy#46154
stianst merged 1 commit intokeycloak:mainfrom
pedroigor:issue-297

Conversation

@pedroigor
Copy link
Contributor

@pedroigor pedroigor commented Feb 10, 2026
edited
Loading

Closes #46147

@pedroigor pedroigor requested review from a team as code owners February 10, 2026 10:26
stianst
stianst requested changes Feb 10, 2026
View reviewed changes
Copy link
Contributor

@stianst stianst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit refers to wrong issue should be #46147

@stianst stianst self-assigned this Feb 10, 2026
stianst
stianst reviewed Feb 10, 2026
View reviewed changes
...in/java/org/keycloak/testsuite/arquillian/containers/AbstractQuarkusDeployableContainer.java Outdated

if (System.getProperty("auth.server.host") != null) {
commands.add("-Dauth.server.host=" + System.getProperty("auth.server.host"));
// commands.add("-Dauth.server.host=" + System.getProperty("auth.server.host"));
Copy link
Contributor

@stianst stianst Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Copy link
Contributor Author

@pedroigor pedroigor Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed, unrelated.

stianst
stianst reviewed Feb 10, 2026
View reviewed changes
...in/java/org/keycloak/testsuite/arquillian/containers/AbstractQuarkusDeployableContainer.java Outdated
commands.add("--cache=local");
// Save ~2s for each Quarkus startup, when we know ISPN cluster is empty. See https://github.com/keycloak/keycloak/issues/21033
commands.add("-Djgroups.join_timeout=10");
// commands.add("-Djgroups.join_timeout=10");
Copy link
Contributor

@stianst stianst Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Copy link
Contributor Author

@pedroigor pedroigor Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed, unrelated.

@stianst stianst enabled auto-merge (squash) February 10, 2026 15:39
@stianst stianst merged commit 2959457 into keycloak:main Feb 10, 2026
90 of 92 checks passed
ruchikajha95 pushed a commit to ruchikajha95/keycloak that referenced this pull request Feb 12, 2026
@pedroigor @ruchikajha95
Make sure updates do not allow updating the resource associated with …
2cb9b88 
…the uma policy (keycloak#46154)

Closes keycloak#46147

Signed-off-by: Pedro Igor <[email protected]>
msdaly200 pushed a commit to msdaly200/keycloak that referenced this pull request Feb 13, 2026
@pedroigor @msdaly200
Make sure updates do not allow updating the resource associated with …
897a861 
…the uma policy (keycloak#46154)

Closes keycloak#46147

Signed-off-by: Pedro Igor <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stianst stianst stianst approved these changes

Assignees

@stianst stianst

Labels

team/cloud-native team/core-clients team/core-iam

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CVE-2025-14778 Incorrect ownership checks in /uma-policy/

2 participants

@pedroigor @stianst