Skip to content

[SPARK-44393][BUILD] Upgrade H2 from 2.1.214 to 2.2.220 #41963

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bjornjorgensen wants to merge 1 commit into from
Closed

[SPARK-44393][BUILD] Upgrade H2 from 2.1.214 to 2.2.220 #41963

bjornjorgensen wants to merge 1 commit into from

Conversation

@bjornjorgensen
Copy link
Contributor

@bjornjorgensen bjornjorgensen commented Jul 12, 2023
edited
Loading

What changes were proposed in this pull request?

Upgrade H2 from 2.1.214 to 2.2.220

Changelog

Why are the changes needed?

CVE-2022-45868

The following change in the release note fixes the CVE.
581ed18 Merge pull request #3833 from katzyn/password

Does this PR introduce any user-facing change?

No.

How was this patch tested?

Pass GA

@HyukjinKwon
Copy link
Member

HyukjinKwon commented Jul 13, 2023

Merged to master.

@bjornjorgensen bjornjorgensen deleted the h2-2.2.220 branch July 13, 2023 09:47
@dongjoon-hyun
Copy link
Member

dongjoon-hyun commented Apr 5, 2024

Since this is a test only dependency, let me backport this to branch-3.4 for Apache Spark 3.4.3 release.

dongjoon-hyun pushed a commit that referenced this pull request Apr 5, 2024
@bjornjorgensen @dongjoon-hyun
[SPARK-44393][BUILD] Upgrade H2 from 2.1.214 to 2.2.220
e5293c7 
### What changes were proposed in this pull request?
Upgrade H2 from 2.1.214 to 2.2.220

[Changelog](https://www.h2database.com/html/changelog.html)

### Why are the changes needed?
[CVE-2022-45868](https://nvd.nist.gov/vuln/detail/CVE-2022-45868)

The following change in the release note fixes the CVE.
[581ed18](h2database/h2database@581ed18) Merge pull request [#3833](https://redirect.github.com/h2database/h2database/issues/3833) from katzyn/password

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
Pass GA

Closes #41963 from bjornjorgensen/h2-2.2.220.

Authored-by: Bjørn Jørgensen <bjornjorgensen@gmail.com>
Signed-off-by: Hyukjin Kwon <gurwls223@apache.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@HyukjinKwon HyukjinKwon HyukjinKwon approved these changes

Assignees

No one assigned

Labels

BUILD CONNECT SQL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bjornjorgensen @HyukjinKwon @dongjoon-hyun