DSA-5076 h2database - security update

Read Time:26 Second

Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not required by any reverse-dependency in Debian. It
has been disabled in (old)stable releases. Database developers are advised to
use at least version 2.1.210-1, currently available in Debian unstable.

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

LockBit Admins Tease a New Ransomware Version

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Ransomware Attackers Target Industries with Low Downtime Tolerance

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban

DSA-5076 h2database – security update

CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205

USN-7179-1: Linux kernel vulnerabilities

USN-7173-2: Linux kernel vulnerabilities

swiftlint-0.57.1-1.fc42

USN-7166-3: Linux kernel (HWE) vulnerabilities

USN-7159-4: Linux kernel (IoT) vulnerabilities