DSA-5076 h2database - security update

Read Time:26 Second

Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not required by any reverse-dependency in Debian. It
has been disabled in (old)stable releases. Database developers are advised to
use at least version 2.1.210-1, currently available in Debian unstable.

Generated by Feedzy

Cyber Security News

Quishing Attacks Jump Tenfold, Attachment Payloads Halve

Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant

New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads

Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control

3.5 million Omni Hotel guest details held to ransom by Daixin Team

Police smash LabHost international fraud network, 37 arrested

US Election Officials Told to Prepare for Nation-State Influence Campaigns

Other Attempts to Take Over Open Source Projects

Trust in Cyber Takes a Knock as CNI Budgets Flatline

DSA-5076 h2database – security update

python-idna-3.7-1.fc38

python-idna-3.7-1.fc39

USN-6737-1: GNU C Library vulnerability

glibc-2.37-19.fc38

glibc-2.38-18.fc39

python-idna-3.7-1.fc40