The linked OpenSSL library for Connector/ODBC Commercial 5.3.6 has been updated from version 1.0.1m to version 1.0.1q. Versions of OpenSSL prior to 1.0.1q are reported to be vulnerable to CVE-2015-3195.
This change does not affect the Oracle-produced MySQL Community build of Connector/ODBC 5.3.6, which uses the yaSSL library instead.
SSL_ENFORCE, have been introduced for specifying whether the default requirement to use SSL connections is to be followed. See Connector/ODBC DSN Configuration Options for details. (Bug #21027928)
The statement attribute
SQL_ATTR_QUERY_TIMEOUTis now supported. Its value is set by
SQLSetStmtAttr()and retrieved by
malloc()to allocate memory and then
xfree()to free the allocated memory for a returned value. That caused some issues when certain third-party versions of MySQL client library (like MariaDB 10.x) was used. The issues have been fixed by replacing
my_malloc(). (Bug #21074676, Bug #76984)
Attempt to build Connector/ODBC from source on a Linux platform against the client library and header files shipped with MySQL server 5.7.6 or newer failed. It was due to the changes made to the client library and the header files, to which Connector/ODBC has now been adapted. (Bug #20685833)
An application that used ActiveX Data Objects (ADO) and the Connector/ODBC ANSI driver hung after trying to write French characters to a database that used the UTF-8 character set. (Bug #20526062)
Because Connector/ODBC did not parse comments properly, the parameter markers embedded in comments caused the complaint that
SQLBindParameterwas not used for all parameters. (Bug #16613308, Bug #53891)
SQLGetDiagFieldfunction with the
SQL_DIAG_ROW_COUNTalways returned “0,” even if there were updated, deleted, or modified rows. (Bug #11750296)