-
The linked OpenSSL library for Connector/ODBC Commercial 5.3.7 has been updated from version 1.0.1q to version 1.0.2j. Versions of OpenSSL prior to 1.0.2j are reported to be vulnerable to CVE-2016-6304.
This change does not affect the Oracle-produced MySQL Community build of Connector/ODBC 5.3.7, which uses the yaSSL library instead. (Bug #24753385)
A new configuration option,
SSLMODE
, has been introduced for setting the SSL mode of the connection to the server. This option overrides the now deprecatedsslverify
andSSL_ENFORCE
options. See Connector/ODBC DSN Configuration Options for details. (Bug #23497043)Added new configuration option
NO_TLS_1_0
,NO_TLS_1_1
, andNO_TLS_1_2
for controlling TLS versions for encrypting connecting. See Connector/ODBC DSN Configuration Options for details. For more information about encryption protocols in MySQL, see Encrypted Connection TLS Protocols and Ciphers. (Bug #23496903)
An assertion failure occurred when mysql_stmt_close() was called on a broken connection. (Bug #25109356)
Connector/ODBC could not be installed on OS X using the installer provided with the
.dmg
file unless unixODBC had been installed on the system. With this fix, Connector/ODBC is now built to work with the iODBC manager instead. Installation now only requires iODBC to be on the system. (Bug #23123503, Bug #81113)Connector/ODBC could not be built with CMake 3.0.2 or later. The build script has been fixed to correct the issue. (Bug #22746557)