CVE-2021-42392,h2database: Link to fixing commit

author: Markus Koschany <apo@debian.org> 2022-02-14 18:00:14 +0100
committer: Markus Koschany <apo@debian.org> 2022-02-14 18:00:14 +0100
commit: 1a6ac8756c87b0c39788ffbbbb3e985aed0217fe (patch)
tree: 816842f745ebc59f396819008a3c135f5c162a96
parent: c1208d4bec5b661af5c2778a22fe4fc42e9fdb58 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 7c2c5fa2b0..44922827ef 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -11042,6 +11042,8 @@ CVE-2021-42392 (The org.h2.util.JdbcUtils.getConnection method of the H2 databas
 	- h2database 2.1.210-1 (bug #1003894)
 	NOTE: https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
 	NOTE: https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/
+	NOTE: Fixed by https://github.com/h2database/h2database/commit/41dd2a4cf89da9dd18239debbf73f88da6184ec7
+	NOTE: https://github.com/h2database/h2database/commit/956c6241868332c5b440f5d55ea8fdc1e51ae4fd
 CVE-2021-42391
 	RESERVED
 CVE-2021-42390
author	Markus Koschany <apo@debian.org>	2022-02-14 18:00:14 +0100
committer	Markus Koschany <apo@debian.org>	2022-02-14 18:00:14 +0100
commit	1a6ac8756c87b0c39788ffbbbb3e985aed0217fe (patch)
tree	816842f745ebc59f396819008a3c135f5c162a96
parent	c1208d4bec5b661af5c2778a22fe4fc42e9fdb58 (diff)