DSA-5076 h2database - security update

Read Time:26 Second

Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not required by any reverse-dependency in Debian. It
has been disabled in (old)stable releases. Database developers are advised to
use at least version 2.1.210-1, currently available in Debian unstable.

Generated by Feedzy

Cyber Security News

Smashing Security podcast #300: Interplanetary file systems, iSpoof, and don’t delete Twitter

Fortanix unveils AWS integration for centralized key management

AWS’ Inspector offers vulnerability management for Lambda serverless functions

Majority of US Defense Contractors Not Meeting Basic Cybersecurity Requirements

Australian Parliament Passes Privacy Penalty Bill

China-Based Hackers Target Southeast Asia With USB-Based Malware

Twitter isn’t going to stop people posting COVID-19 misinformation anymore

Zero-Day Flaw Discovered in Quarkus Java Framework

AWS launches new cybersecurity service Amazon Security Lake

DSA-5076 h2database – security update

RansomBoggs Ransomware Targeted Multiple Ukrainian Organizations

Aurora Infostealer Sold on Darknet and Telegram

CVE-2019-18265

USN-5752-1: Linux kernel (Azure CVM) vulnerabilities

nextcloud-25.0.1-1.fc35

nextcloud-25.0.1-1.fc36