DSA-5076 h2database - security update

Read Time:26 Second

Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not required by any reverse-dependency in Debian. It
has been disabled in (old)stable releases. Database developers are advised to
use at least version 2.1.210-1, currently available in Debian unstable.

Generated by Feedzy

Cyber Security News

UK police reveal they are running fake DDoS-for-hire sites to collect details on cybercriminals

Microsoft Fixes Security Flaw in Windows Screenshot Tools

Three Variants of IcedID Malware Discovered

New MacStealer Targets Catalina, Newer MacOS Versions

Can zero trust be saved?

Part of Twitter source code leaked on GitHub

Hacks at Pwn2Own Vancouver 2023

France bans TikTok, all social media apps from government devices

How often should security audits be?

DSA-5076 h2database – security update

USN-5974-1: GraphicsMagick vulnerabilities

USN-5973-1: url-parse vulnerabilities

USN-5964-2: curl vulnerabilities

LSN-0093-1: Kernel Live Patch Security Notice

USN-5972-1: Thunderbird vulnerabilities

CVE-2018-25083