The linked OpenSSL library for Connector/ODBC Commercial 5.3.7 has been updated from version 1.0.1q to version 1.0.2j. Versions of OpenSSL prior to 1.0.2j are reported to be vulnerable to CVE-2016-6304.
This change does not affect the Oracle-produced MySQL Community build of Connector/ODBC 5.3.7, which uses the yaSSL library instead. (Bug #24753385)
A new configuration option,
SSLMODE, has been introduced for setting the SSL mode of the connection to the server. This option overrides the now deprecated
SSL_ENFORCEoptions. See Connector/ODBC DSN Configuration Options for details. (Bug #23497043)
Added new configuration option
NO_TLS_1_2for controlling TLS versions for encrypting connecting. See Connector/ODBC DSN Configuration Options for details. For more information about connection protocols in MySQL, see Encrypted Connection Protocols and Ciphers.
An assertion failure occurred when mysql_stmt_close() was called on a broken connection. (Bug #25109356)
Connector/ODBC could not be installed on OS X using the installer provided with the
.dmgfile unless unixODBC had been installed on the system. With this fix, Connector/ODBC is now built to work with the iODBC manager instead. Installation now only requires iODBC to be on the system. (Bug #23123503, Bug #81113)
Connector/ODBC could not be built with CMake 3.0.2 or later. The build script has been fixed to correct the issue. (Bug #22746557)