An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Refer to the following resources for additional information:

• Product Compatibility Guide: Provides the latest data source and platform support information. 
• Fixes: Describes the issues resolved since general availability.  

Version 6.0.0

ENHANCEMENTS

• The driver has been enhanced to comply with FIPS standards for data encryption. As part of this enhancement, the driver was tested with FIPS 140-3 enabled using a Red Hat OpenJDK 21 on a Red Hat Universal Base Image 9 instance. Refer to FIPS (Federal Information Processing Standard) for details.*
  Available: 1/31/2025 | 6.0.0.001506
• The driver has been enhanced to support access token authentication for Microsoft Entra ID (Azure Active Directory) resources. You can configure this authentication using the updated AuthenticationMethod and EntraAccessToken connection properties. Refer to Configuring Entra ID access token authentication for details.*
  Available: 11/26/2024|6.0.0.001506
• The driver has been enhanced to support the TLSv1.3 cryptographic protocol using the CryptoProtocolVersion connection property. Refer to CryptoProtocolVersion and Configuring TLS/SSL Encryption for details.*
  
• The driver has been enhanced to use proxy server settings defined in the JVM system properties by default. If no proxy settings are defined in the connection string or data source, the driver will attempt to use the values of the http.proxyHost and http.proxyPort JVM system properties to connect to the database.*
• The driver has been enhanced to support Windows Defender Credential Guard when using Kerberos Authentication. Refer to Configuring Kerberos authentication for details.*
• The driver has been enhanced to include timestamp in the Spy and JDBC packet
  logs by default. If required, you can disable the timestamp logging by
  specifying the following at connection: For Spy logs, set
  spyAttributes=(log=(file)Spy.log;timestamp=no) and for JDBC packet logs,
  set ddtdbg.ProtocolTraceShowTime=false.*
• Interactive SQL for JDBC (JDBCISQL) is now installed with the product.
  JDBCISQL is a command-line interface that supports connecting your driver
  to a data source, executing SQL statements and retrieving results in a
  terminal. This tool provides a method to quickly test your drivers in an
  environment that does not support GUIs.*
• The driver has been enhanced to support using connection information stored in an LDAP entry to establish a connection. You can configure the driver to use LDAP with the new LDAPDistinguishedName property and refreshed ServerName and PortNumber properties. Refer to Using LDAP for details.
• The driver has been enhanced to support connecting through Oracle Connection Manager using the TNSNAMES.ORA file. Refer to Oracle Connection Manager for details.*
• The BatchMechanism connection property has been added to the driver. It determines the mechanism that is used for executing batch operations. It's a flexible replacement for BatchPerformanceWorkaround property. Therefore, if you use BatchPerformanceWorkaround for specifying the batch mechanism instead of BatchMechanism, the driver will allow it. If you use both BatchMechanism and BatchPerformanceWorkaround simultaneously, BatchMechanism will take precedence over BatchPerformanceWorkaround. Refer to BatchMechanism for details.
• The driver has been enhanced to support Kerberos constrained delegation.
  Constrained delegation is a Kerberos mechanism that allows a client
  application to delegate authentication to a second service. For details, refer to Configuring the driver and Constrained delegation.
• The GSSCredential connection property has been added to the driver.
  It specifies the GSS credential object used to instantiate Kerberos
  constrained delegation. For details, refer to GSSCredential.
• The driver has been enhanced to support returning implicit result sets
  from stored procedures.
• The driver has been enhanced to use Oracle Internet Directory as a means to store authentication information. For details, refer to Oracle Internet Directory (OID).
• The driver has been enhanced to support Oracle Wallet SSL
  authentication introduced in Oracle 11.1.0.6. The AuthenticationMethod
  connection property should be set to either SSL or SSLUIDPassword to allow
  SSL authentication when connecting with the driver. For details, refer to Oracle Wallet SSL authentication.
• Support for Oracle Database Vault.
• Support for Oracle Database Exadata Cloud Service.
• The driver has been enhanced to support the following new data integrity
  algorithms for Oracle Advanced Security on Oracle 12c and higher:
  • SHA256
  • SHA384
  • SHA512
  For details, refer to DataIntegrityLevel and DataIntegrityTypes.
• The maximum supported length of identifiers has been increased to 128
  bytes when connecting to Oracle 12c R2 (12.2) databases. This change
  has been implemented to reflect the new maximum length supported by
  the server.
• The driver has been enhanced to support the extended data types.
  When the Oracle server is configured with MAX_STRING_SIZE=EXTENDED,
  the driver supports the following maximum string sizes:
  • NVARCHAR2: 32766 bytes
  • RAW: 32767 bytes
  • VARCHAR2: 32767 byte
• The LOBPrefetchSize connection property has been added to the driver and is
  supported for Oracle database versions 12.1.0.1 and higher. This connection
  property allows you to specify the size of prefetch data the driver returns for
  BLOBs and CLOBs. With LOB prefetch enabled, the driver can return LOB meta-data and the beginning of LOB data along with the LOB locator during a fetch
  operation. This can have significant performance impact, especially for small
  LOBs which can potentially be entirely prefetched, because the data is available
  without having to go through the LOB protocol. For details, refer to LOBPrefetchSize.

CHANGED BEHAVIOR

• The installer program now requires you to install a JRE that is Java SE 11 or higher before running the installer. In earlier versions, the JRE used by the installer program was included in the product. However, to avoid potential security vulnerabilities, the installer program no longer includes a JRE. Instead, the installer program uses the JRE in your environment to allow for the most secure version of a JRE to be used.*
  Note: This change does not affect the JVM requirements for the driver. For the latest driver requirements, refer to the Product Compatibility Guide.
  Available: 7/3/2024
• The default value for the SDUSize property has been updated to 16384. For details, refer to SDUSize.
• The default value for the EncryptionLevel property has been updated to
  accepted. For details, refer to EncryptionLevel.
• The default value for the DataIntegrityLevel property has been updated to
  accepted. For details, refer to DataIntegrityLevel.
• The driver no longer sets the java.security.krb5.conf system property to
  force the use of the krb5.conf file installed with the driver jar files in
  the /lib directory of the product installation directory. For details, refer to Configuring Kerberos authentication.
• Added the RegisterStatementPoolMonitorMBean connection property. Note that the
  driver no longer registers the Statement Pool Monitor as a JMX MBean by default.
  You must set RegisterStatementPoolMonitorMBean to true to register the Statement
  Pool Monitor and manage statement pooling with standard JMX API calls. For details, refer to RegisterStatementPoolMonitorMBean.

Version 5.1.4

ENHANCEMENTS

• The SDUSize connection property has been added to the driver. This connection property allows you to specify the size in bytes of the Session Data Unit (SDU) that the driver requests when connecting to the server. 
• The SupportBinaryXML connection property has been added to the driver. This connection property enables the driver to support XMLType with binary storage on servers running Oracle 12C and higher.
• The connection properties RandomGenerator and SecureRandomAlgorithm have been added to the driver.
  • RandomGenerator allows you to specify the type of random number generator (RNG) the database uses for secure seeding.
  • SecureRandomAlgorithm can be used to specify the SecureRandom number generation algorithm used for secure seeding when RandomGenerator is set to secureRandom.
• The CryptoProtocolVersion connection property has been added to the driver. This property can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.

Version 5.1.2

ENHANCEMENTS

• Enhanced to support all Oracle 11gR2 Kerberos encryption algorithms

Version 5.1.1

ENHANCEMENTS

• Enhanced to throw warning when EnableBulkLoad fails
• Added support for Oracle Wallet

Version 5.1.0

ENHANCEMENTS

• Support for the Oracle Advanced Security (OAS) data encryption and data
  integrity feature, including support for the following new connection
  properties:
  • DataIntegrityLevel sets the level of OAS data integrity used for data sent between the driver and database server.
  • DataIntegrityTypes specifies one or multiple algorithms to protect against  attacks that intercept and modify data being transmitted between the client and server when OAS data integrity is enabled using the DataIntegrityLevel property.
  • EncryptionLevel determines whether data is encrypted and decrypted when transmitted over the network between the driver and database server using OAS encryption.
  • EncryptionTypes specifies one or multiple algorithms to use if OAS encryption is enabled using the EncryptionLevel property.