Dear MySQL users,
MySQL Connector/ODBC 5.3.8, a new version of the ODBC driver for
the MySQL database management system, has been released.
The available downloads include both a Unicode driver and an ANSI
driver based on the same modern codebase. Please select the driver type
you need based on the type of your application - Unicode or ANSI.
Server-side prepared statements are enabled by default. It is suitable
for use with any MySQL version from 5.5.
This is the fourth release of the MySQL ODBC driver conforming to the
ODBC 3.8 specification. It contains implementations of key 3.8 features,
including self-identification as a ODBC 3.8 driver, streaming of output
parameters (supported for binary types only), and support of the
SQL_ATTR_RESET_CONNECTION connection attribute (for the Unicode driver
only).
Also, Connector/ODBC 5.3 introduces a GTK+-based setup library
providing a GUI DSN setup dialog on some Unix-based systems, currently
included in the Debian 7/8, EL6/OL6, EL7/OL7 (64-bit only), Fedora 24/25,
FreeBSD 10/11, SLES 12, Ubuntu 12/14/16 packages. Other new
features in the 5.3 driver are FileDSN and Bookmarks support.
The release is now available in source and binary form for a number of
platforms from our download pages at
http://dev.mysql.com/downloads/connector/odbc/5.3.html
For information on installing, please see the documentation at
http://dev.mysql.com/doc/connector-odbc/en/connector-odbc
-installation.html
Enjoy!
The MySQL Connectors team at Oracle
Changes in MySQL Connector/ODBC 5.3.8 (2017-04-28)
Security Notes
* Security Fix: The linked OpenSSL library for
Connector/ODBC Commercial 5.3.8 has been updated from
version 1.0.2j to version 1.0.2k. Versions of OpenSSL
prior to 1.0.2k are reported to be vulnerable to
2017-3731
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731), CVE-2017-3732
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732), and CVE-2017-7055
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7055).
This change does not affect the Oracle-produced MySQL
Community build of Connector/ODBC 5.3.8, which uses the
yaSSL library instead. (Bug #25615448, CVE-2017-3731,
CVE-2017-3732, CVE-2017-7055)
Bugs Fixed
* When error 2006 ("MySQL server has gone away") occurred,
Connector/ODBC wrongly returned the SQL_NO_DATA error.
(Bug #25671389)
* When the SQL_TIMESTAMP_STRUCT was used, if the date
portion of a timestamp was populated but the time portion
was uninitialized, queries involving the timestamp would
fail with a Date overflow error. With this fix, the
uninitialized time value is simply ignored. (Bug
#25386024)
* Segmentation faults occurred when catalog, column, or
table names that were too long were passed as arguments
to metadata functions like
SQLColumnPrivileges(),SQLColumns(),SQLTablePrivileges()
and SQLTables(). With this fix, proper errors are
returned in those cases. (Bug #18796005)
* An assertion error occurred when calling
SQLSetDescField() with SQL_DESC_COUNT as FieldIdentifier,
irrespective of the record number set. (Bug #18641633)
* Connector/ODBC quit unexpectedly when a negative column
number was passed as an argument for the SQLGetData()
method. (Bug #18636600)
* When server-side prepared statements were enabled, using
the prefetch option caused SQL syntax errors to be
returned for queries that contained parameter markers.
(Bug #17386788)
* After the attribute SQL_ATTR_MAX_ROWS had been set for a
certain statement handler, a new statement handler also
had the same value set automatically. The fix makes sure
a new statement handler returns all rows by default. (Bug
#17259397, Bug #69554)
* If the NO_INFORMATION_SCHEMA connection option was set,
the SQLTables() function did not return the catalog
correctly when a wildcard or SQL_ALL_CATALOGS was used in
its arguments. (Bug #14005343)
References: See also: Bug #13914518.
On behalf of the Oracle MySQL RE Team,
Hery Ramilison