Regression with H2 v2.0.206

[jeremie...@gmail.com]

Hello,

In order to fix CVE-2021-42392, I have to upgrade to H2 v2.0.206

However, a lot of tests fail with this version, I don't known if it's a bugs or intended changed..

1/ BOOLEAN and INTEGER can't be compared anymore

This breaks hibernate, and other queries (in camunda for example)

2/ VALUE is now a reserved keyword (?)

Flyway is this query, which doesn't work with H2 anymore :

Erreur de syntaxe dans l'instruction SQL "SELECT VALUE[*] FROM INFORMATION_SCHEMA.SETTINGS WHERE NAME = 'info.BUILD_ID'"; attendu "TOP, DISTINCT, ALL, ,, NOT, EXISTS, INTERSECTS, UNIQUE"

Creating a table with a column "value" doesn't work anymore,, with the error "expected identifier". value has to be quoted. Moreover "value" is not declared in the list of sql keywords

3/ ID is now a reserved keyword (?)

It's not possible to create a table with a column ID without using quote

this make upgrading H2 and fixing the CVE really difficult, especially since the policy of H2 is to not backport security issue.

Are this point issues or planned change ?

Regards,

Jérémie

[Marcello Rinaldo Martina]

Hi, I am not able to respond to your questions, but I'm pushing to update this page https://h2database.com/html/migration-to-v2.html that contains the changes and things to consider when updating to v2. Can you have a look on that? If you have new findings, can you contribute them? (https://github.com/h2database/h2database/blob/master/h2/src/docsrc/html/migration-to-v2.html) I think it would be really helpful for the community.

Best,

Marcello