-
The linked OpenSSL library for Connector/ODBC Commercial 5.3.6 has been updated from version 1.0.1m to version 1.0.1q. Versions of OpenSSL prior to 1.0.1q are reported to be vulnerable to CVE-2015-3195.
This change does not affect the Oracle-produced MySQL Community build of Connector/ODBC 5.3.6, which uses the yaSSL library instead.
Two new
option
parameters,DISABLE_SSL_DEFAULT
andSSL_ENFORCE
, have been introduced for specifying whether the default requirement to use SSL connections is to be followed. See Connector/ODBC DSN Configuration Options for details. (Bug #21027928)The statement attribute
SQL_ATTR_QUERY_TIMEOUT
is now supported. Its value is set bySQLSetStmtAttr()
and retrieved bySQLGetStmtAttr()
. (WL #7991)
The function
MySQLGetPrivateProfileStringW()
usedmalloc()
to allocate memory and thenxfree()
to free the allocated memory for a returned value. That caused some issues when certain third-party versions of MySQL client library (like MariaDB 10.x) was used. The issues have been fixed by replacingmalloc()
withmy_malloc()
. (Bug #21074676, Bug #76984)Attempt to build Connector/ODBC from source on a Linux platform against the client library and header files shipped with MySQL server 5.7.6 or newer failed. It was due to the changes made to the client library and the header files, to which Connector/ODBC has now been adapted. (Bug #20685833)
An application that used ActiveX Data Objects (ADO) and the Connector/ODBC ANSI driver hung after trying to write French characters to a database that used the UTF-8 character set. (Bug #20526062)
Because Connector/ODBC did not parse comments properly, the parameter markers embedded in comments caused the complaint that
SQLBindParameter
was not used for all parameters. (Bug #16613308, Bug #53891)Calling the
SQLGetDiagField
function with theDiagIdentifier
SQL_DIAG_ROW_COUNT
always returned “0,” even if there were updated, deleted, or modified rows. (Bug #11750296)