Sander Henning created IGNITE-16441:
---------------------------------------
Summary: Upgrade H2 to version 2.0.206+ to resolve critical
vulnerability
Key: IGNITE-16441
URL: https://issues.apache.org/jira/browse/IGNITE-16441
Project: Ignite
Issue Type: Improvement
Components: h2-limitation
Reporter: Sander Henning
Critical bug found with the current version of h2 used by ignite 1.4.197 that
affects all releases of ignite. Please upgrade h2 to use version 2.0.206 or
greater. This version of h2 is not backwards compatible, so modifying the h2
functions used in ignite may be necessary.
CVE-2021-42392
[https://nvd.nist.gov/vuln/detail/CVE-2021-42392]
My development team heavily uses apache ignite and hopes to continue so.
However, this is a critical vulnerability, so our security team has made the
decision to stop developing with ignite until this vulnerability is patched.
Please make this upgrade asap so users can continue to use this product without
fear of a security breach.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
