Upgrade H2 version to fix GHSA-h376-j262-vhq6 (#8396)

CHANGES.md

@@ -20,7 +20,7 @@ Release Notes.
 * Add the analysis of metrics in Satellite MetricsService.
 * Fix `Can't split endpoint id into 2 parts` bug for endpoint ID. In the TCP in service mesh observability, endpoint
   name doesn't exist in TCP traffic.
-* Upgrade H2 version to 2.0.202 to fix CVE-2021-23463.
+* Upgrade H2 version to 2.0.206 to fix CVE-2021-23463 and GHSA-h376-j262-vhq6.
 * Extend column name override mechanism working for `ValueColumnMetadata`.
 * Introduce new concept `Layer` and removed `NodeType`. More details refer to [v9-version-upgrade](https://skywalking.apache.org/docs/main/latest/en/faq/v9-version-upgrade/).
 * Fix query sort metrics failure in H2 Storage.

dist-material/release-docs/LICENSE

@@ -381,7 +381,7 @@ MPL 2.0 licenses
 The following components are provided under a MPL 2.0 license. See project link for details.
 The text of each license is also included at licenses/LICENSE-[project].txt.
 
-    H2 Database 2.0.202: http://www.h2database.com/html/main.html , MPL 2.0 or EPL 1.0
+    H2 Database 2.0.206: http://www.h2database.com/html/main.html , MPL 2.0 or EPL 1.0
 
 ========================================
 CC0-1.0 licenses

oap-server-bom/pom.xml

@@ -34,7 +34,7 @@
         <graphql-java.version>8.0</graphql-java.version>
         <okhttp.version>3.14.9</okhttp.version>
         <httpclient.version>4.5.13</httpclient.version>
-        <h2.version>2.0.202</h2.version>
+        <h2.version>2.0.206</h2.version>
         <joda-time.version>2.10.5</joda-time.version>
         <zookeeper.version>3.5.7</zookeeper.version>
         <guava.version>28.1-jre</guava.version>

tools/dependencies/known-oap-backend-dependencies.txt

@@ -55,7 +55,7 @@ gson-2.8.6.jar
 gson-fire-1.8.5.jar
 guava-28.1-jre.jar
 guice-4.1.0.jar
-h2-2.0.202.jar
+h2-2.0.206.jar
 httpasyncclient-4.1.3.jar
 httpclient-4.5.13.jar
 httpcore-4.4.13.jar