You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Matt Burgess (Jira)" <ji...@apache.org> on 2022/01/18 16:48:00 UTC

[jira] [Assigned] (NIFI-9585) Upgrade H2 to 2.1.210

     [ https://issues.apache.org/jira/browse/NIFI-9585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Burgess reassigned NIFI-9585:
----------------------------------

    Assignee: Matt Burgess

> Upgrade H2 to 2.1.210
> ---------------------
>
>                 Key: NIFI-9585
>                 URL: https://issues.apache.org/jira/browse/NIFI-9585
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: David Handermann
>            Assignee: Matt Burgess
>            Priority: Major
>
> The H2 embedded database below version 2.1.210 includes multiple associated vulnerabilities related to unsafe XML column handling and other issues.  Multiple NiFi components leverage H2 for local relational data storage. Although NiFi does not appear to have any direct vulnerabilities as a result of issues with H2, upgrading to the latest version will avoid false positive security scans and provide better maintainability.
> Due to related database components such as Flyway in NiFi Registry, upgrading H2 will also require upgrades to related dependencies and services.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)