Hello,
In order to fix CVE-2021-42392, I have to upgrade to H2 v2.0.206
However, a lot of tests fail with this version, I don't known if it's a bugs or intended changed..
1/ BOOLEAN and INTEGER can't be compared anymore
This breaks hibernate, and other queries (in camunda for example)
2/ VALUE is now a reserved keyword (?)
Flyway is this query, which doesn't work with H2 anymore :
Erreur de syntaxe dans l'instruction SQL "SELECT VALUE[*] FROM INFORMATION_SCHEMA.SETTINGS WHERE NAME = 'info.BUILD_ID'"; attendu "TOP, DISTINCT, ALL, ,, NOT, EXISTS, INTERSECTS, UNIQUE"
Creating a table with a column "value" doesn't work anymore,, with the error "expected identifier". value has to be quoted. Moreover "value" is not declared in the list of sql keywords
3/ ID is now a reserved keyword (?)
It's not possible to create a table with a column ID without using quote
this make upgrading H2 and fixing the CVE really difficult, especially since the policy of H2 is to not backport security issue.
Are this point issues or planned change ?
Regards,
Jérémie