Ubuntu
hsqldb package

hsqldb 2.7.1-1 source package in Ubuntu

Changelog

hsqldb (2.7.1-1) unstable; urgency=medium

  * New upstream version 2.7.1.
    - Fix CVE-2022-41853:
      Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb
      (HyperSQL DataBase) to process untrusted input may be vulnerable to a
      remote code execution attack. By default it is allowed to call any static
      method of any Java class in the classpath resulting in code execution.
      The issue can be prevented by updating to 2.7.1 or by setting the system
      property "hsqldb.method_class_names" to classes which are allowed to be
      called. For example, System.setProperty("hsqldb.method_class_names",
      "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used.
      From version 2.7.1 all classes by default are not accessible except those
      in java.lang.Math and need to be manually enabled.
      (Closes: #1023573)

 -- Markus Koschany <email address hidden>  Sun, 04 Dec 2022 21:32:57 +0100

Upload details

Uploaded by:
Debian Java Maintainers
Uploaded to:
Sid
Original maintainer:
Debian Java Maintainers
Architectures:
all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Lunar release universe libs

Builds

Lunar: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
hsqldb_2.7.1-1.dsc 2.2 KiB 6ea736372faf5af6715ff357193e6156766717e2037b2401d9d05a82cf2a71be
hsqldb_2.7.1.orig.tar.xz 3.4 MiB 3605a8b3223d98fc0b50aa405ae1b4074be55fc9aaefeb56a441ffb11767e071
hsqldb_2.7.1-1.debian.tar.xz 11.5 KiB 7858f29ce0a472eb03f5e62c8ec4d9e8e0b37373d19c21b2a525233666cd9b0f

Available diffs

No changes file available.

Binary packages built by this source

hsqldb-utils: Java SQL database engine (utilities)

 HSQLDB is an SQL relational database engine written in Java. It has a
 JDBC driver and supports a rich subset of SQL-92 (BNF tree format) plus
 SQL:2.29 and SQL:2.23 enhancements. It offers a small, fast database
 engine that offers both in-memory and disk-based tables. Embedded and
 server modes are available. Additionally, it includes tools such as a
 minimal web server, in-memory query and management tools (can be run as
 applets), and a number of demonstration examples.
 .
 This package contains some scripts to invoke the Utilities of HSQLDB
 (org.hsqldb.util.*):
  - hsqldb-databasemanager: DatabaseManager
  - hsqldb-databasemanagerswing: DatabaseManagerSwing
  - hsqldb-transfer: Transfer
  - hsqldb-sqltool: SqlTool

libhsqldb-java: Java SQL database engine

 HSQLDB is an SQL relational database engine written in Java. It has a
 JDBC driver and supports a rich subset of SQL-92 (BNF tree format) plus
 SQL:2.29 and SQL:2.23 enhancements. It offers a small, fast database
 engine that offers both in-memory and disk-based tables. Embedded and
 server modes are available. Additionally, it includes tools such as a
 minimal web server, in-memory query and management tools (can be run as
 applets), and a number of demonstration examples.

libhsqldb-java-doc: documentation for HSQLDB

 HSQLDB is an SQL relational database engine written in Java. It has a
 JDBC driver and supports a rich subset of SQL-92 (BNF tree format) plus
 SQL:2.29 and SQL:2.23 enhancements. It offers a small, fast database
 engine that offers both in-memory and disk-based tables. Embedded and
 server modes are available. Additionally, it includes tools such as a
 minimal web server, in-memory query and management tools (can be run as
 applets), and a number of demonstration examples.
 .
 This package contains the documentation of HSQLDB.