generator-jhipster icon indicating copy to clipboard operation
generator-jhipster copied to clipboard

Published 20 hours ago verified publisher icon jhipster

Upgrade H2 database to 2.0.206+

Open sbouchex opened this issue 3 years ago • 2 comments

Overview of the issue

A RCE has been reported on H2 database (see https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6), so an upgrade is needed

Motivation for or Use Case

RCE

Reproduce the error

see https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6

Related issues
Suggest a Fix

Upgrade the H2 database

JHipster Version(s)

7.5.0

  • [X] Checking this box is mandatory (this is just to show you read everything)

sbouchex avatar Jan 10 '22 12:01 sbouchex

@sbouchex Not sure we can do the upgrade to 2.0.206 since it includes some breaking changes. See spring-projects/spring-boot#29200

DanielFran avatar Jan 10 '22 13:01 DanielFran

This is partially done. Refer to https://github.com/jhipster/generator-jhipster/pull/18939#issuecomment-1167262967.

Blocked on https://github.com/liquibase/liquibase/issues/2306.

mshima avatar Jun 27 '22 13:06 mshima