Thomas Spear

Hello, This is a misconfiguration issue and not a bug. v2.7.0 is not vulnerable except for in certain deployment scenarios wherein both of the following conditions are met: 1. The deployment processes random SQL statements from users 2. The deployment does not set the Java system Property hsqldb.method_class_names covered in the HyperSQL Guide pages on database security and access control v2.7.1 will require this property to be set in all deployments as documented in the original bug report

Hello, This is a misconfiguration issue and not a bug. v2.7.0 is not vulnerable except for in certain deployment scenarios wherein both of the following conditions are met: 1. The deployment processes random SQL statements from users 2. The deployment does not set the Java system Property hsqldb.method_class_names covered in the HyperSQL Guide pages on database security and access control v2.7.1 will require this property to be set as documented in the original bug report

Hello, v2.7.0 is not vulnerable except for in certain deployment scenarios wherein both of the following conditions are met: 1. The deployment processes random SQL statements from users 2. The deployment does not set the Java system Property hsqldb.method_class_names covered in the HyperSQL Guide pages on database security and access control v2.7.1 will require this property to be set as documented in the original bug report

Crash in 2.40 when trying to copy password