Hello, In order to fix CVE-2021-42392, I have to upgrade to H2 v2.0.206 However, a lot of tests fail with this version, I don't known if it's a bugs or intended changed..
1/ BOOLEAN and INTEGER can't be compared anymore This breaks hibernate, and other queries (in camunda for example) 2/ VALUE is now a reserved keyword (?) Flyway is this query, which doesn't work with H2 anymore : Erreur de syntaxe dans l'instruction SQL "SELECT VALUE[*] FROM INFORMATION_SCHEMA.SETTINGS WHERE NAME = 'info.BUILD_ID'"; attendu "TOP, DISTINCT, ALL, ,, NOT, EXISTS, INTERSECTS, UNIQUE" Creating a table with a column "value" doesn't work anymore,, with the error "expected identifier". value has to be quoted. Moreover "value" is not declared in the list of sql keywords 3/ ID is now a reserved keyword (?) It's not possible to create a table with a column ID without using quote this make upgrading H2 and fixing the CVE really difficult, especially since the policy of H2 is to not backport security issue. Are this point issues or planned change ? Regards, Jérémie -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/h2-database/ed7b3068-3507-438e-b7d6-a9e39fc6c93fn%40googlegroups.com.
