[
https://issues.apache.org/jira/browse/CALCITE-5007?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated CALCITE-5007:
------------------------------------
Labels: pull-request-available (was: )
> Upgrade H2 database version to 2.1.210
> --------------------------------------
>
> Key: CALCITE-5007
> URL: https://issues.apache.org/jira/browse/CALCITE-5007
> Project: Calcite
> Issue Type: Task
> Reporter: Stamatis Zampetakis
> Assignee: Stamatis Zampetakis
> Priority: Trivial
> Labels: pull-request-available
> Fix For: 1.30.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The 1.4.197 version suffers from
> https://nvd.nist.gov/vuln/detail/CVE-2018-10054.
> In the project, we use H2 only for testing purposes thus the H2 binaries are
> not present in the runtime classpath thus CVE-2018-10054 does not pose a
> problem for Calcite or its users. Nevertheless, it would be good to upgrade
> to a more recent version to avoid Calcite coming up in vulnerability scans
> due to this.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
