Re: H2 version security concern

;user@ignite.apache.org" Date: Wednesday, December 11, 2019 at 04:40 To: "user@ignite.apache.org" , "Sobolevsky, Vladik" Subject: Re: H2 version security concern Hi, Mentioned CVE has no affect Ignite. Please, see discussion on dev-list. http://apache-ignite-devel

RE: H2 version security concern

mber 10, 2019 5:22 PM To: user@ignite.apache.org Subject: Re: H2 version security concern Hi, There are plans to replace H2 with Calcite. You can read more about it on dev list, I've seen several threads regarding this topic there. Evgenii вт, 10 дек. 2019 г. в 13:29, Sobolevsky, Vladik mai

Re: H2 version security concern

Hi, Mentioned CVE has no affect Ignite. Please, see discussion on dev-list. http://apache-ignite-developers.2346864.n4.nabble.com/H2-license-and-vulnerabilities-td40417.html#a40418 On Wed, Dec 11, 2019 at 2:22 AM Evgenii Zhuravlev wrote: > Hi, > > There are plans to replace H2 with Calcite. Yo

Re: H2 version security concern

Hi, There are plans to replace H2 with Calcite. You can read more about it on dev list, I've seen several threads regarding this topic there. Evgenii вт, 10 дек. 2019 г. в 13:29, Sobolevsky, Vladik : > Hi, > > > > It looks like all the recent versions of Apache Ignite ( apache ignite > indexin

H2 version security concern

Hi, It looks like all the recent versions of Apache Ignite ( apache ignite indexing) depends on H2 version 1.4.197. This version has at least 2 CVE’s : https://nvd.nist.gov/vuln/detail/CVE-2018-10054 https://nvd.nist.gov/vuln/detail/CVE-2018-14335 I do understand that not all above CVE’s can be