[jira] [Updated] (FLINK-25785) Update com.h2database:h2 to 2.0.210

Martijn Visser (Jira) Mon, 24 Jan 2022 04:47:23 -0800


     [ 
https://issues.apache.org/jira/browse/FLINK-25785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Martijn Visser updated FLINK-25785:
-----------------------------------
    Summary: Update com.h2database:h2 to 2.0.210  (was: Update 
com.h2database:h2 to 2.0.206)

> Update com.h2database:h2 to 2.0.210
> -----------------------------------
>
>                 Key: FLINK-25785
>                 URL: https://issues.apache.org/jira/browse/FLINK-25785
>             Project: Flink
>          Issue Type: Technical Debt
>          Components: Connectors / JDBC
>    Affects Versions: 1.15.0, 1.13.5, 1.14.3
>            Reporter: Martijn Visser
>            Priority: Major
>
> Two security vulnerabilities in H2 Console (CVE-2022-23221 and possible DNS 
> rebinding attack) are fixed.
> Note: Flink is using this dependency only for testing, so it's not directly 
> impacted by the CVE. We just want to be good citizens and update our 
> dependencies



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (FLINK-25785) Update com.h2database:h2 to 2.0.210

Reply via email to