[
https://issues.apache.org/jira/browse/IGNITE-10801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16956870#comment-16956870
]
Rajesh commented on IGNITE-10801:
---------------------------------
There is a security vulnerability with H2 version 1.4.96.
*H2 1.4.197, allows remote code execution because CREATE ALIAS can execute
arbitrary Java code.*
Ignite should use the higher version of H2 where these severe security
vulnerabilities are fixed.
> Upgrade H2 version up to 1.4.199
> --------------------------------
>
> Key: IGNITE-10801
> URL: https://issues.apache.org/jira/browse/IGNITE-10801
> Project: Ignite
> Issue Type: Improvement
> Components: sql
> Affects Versions: 2.7
> Reporter: Sergey Antonov
> Priority: Critical
> Labels: sql
> Fix For: 2.8
>
>
> After h2 1.4.199 release we should upgrade h2 version using in AI, because of
> important bugs will be fixed there. For example
> https://github.com/h2database/h2database/issues/1057
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
