Amazon Redshift

Progress DataDirect for ODBC for Amazon Redshift Wire Protocol Driver

An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Version 8.0.0

Certifications
  • Certified with Red Hat Enterprise 7.3* (driver version  08.00.0053 (B0259, U0174)) 
  • Certified with Windows Server 2016 (driver version 07.16.0114 (B0316, U0209))
  • Certified with Debian Linux 7.11, 8.5 (driver version 07.16.0106 (B0302, U0201))
  • Certified with Ubuntu Linux 14.04, 16.04 (driver version 07.16.0106 (B0302, U0201))
Enhancements
  • The driver is now compiled using Visual Studio 2015 for improved security.
  • Support for connecting to a proxy server through an HTTP connection. HTTP proxy support is configurable with five new connection options: Proxy Host, Proxy Mode, Proxy password, Proxy Port, and Proxy User.  
  • The driver has been enhanced to support the TimestampTZ data type.
  • The new Fetch TSWTZ as Timestamp option allows you to determine whether the driver returns column values of the TimestampTZ data type as the ODBC data type SQL_TYPE_TIMESTAMP or SQL_VARCHAR.
  • The driver has been enhanced to support the HOUR, MINUTE, MONTH, QUARTER, SECOND, WEEK, and YEAR ODBC functions for improved support of third-party applications such as Tableau.
  • The driver includes a new Tableau data source file (Windows only) that provides improved functionality when accessing your data with Tableau.  Refer to the Windows Quick Start for details.
  • The driver and Driver Manager have been enhanced to support UTF-8 encoding in the odbc.ini and odbcinst.ini files.
Changed Behavior
  • The default value for Crypto Protocol Version has been updated to

    TLSv1.2,TLSv1.1,TLSv1. This change improves the security of the driver by employing only the most secure cryptographic protocols as the default behavior.

Version 7.1.6

Certifications
  • Certified with Windows 10
  • Certified with Red Hat Enterprise 7.1
  • Certified with CentOS Linux 7.1
  • Certified with Oracle Linux 7.1
  • Certified with SUSE Enterprise Server 12
Enhancements
  • The drivers have been updated with OpenSSL library version 1.0.2k, which addresses the following security vulnerabilities:*
    • Truncated packet could crash via OOB read (CVE-2017-3731)
    • BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
    • Montgomery multiplication may produce incorrect results (CVE-2016-7055)

    Version 1.0.2k also addresses the following vulnerabilities resolved by earlier versions of the library:

    • "Missing CRL sanity check" (CVE-2016-7052)
    • "OCSP Status Request extension unbounded memory growth" (CVE-2016-6304)
    • "SWEET32 Mitigation" (CVE-2016-2183)
    • "OOB write in MDC2_Update()" (CVE-2016-6303)
    • "Malformed SHA512 ticket DoS" (CVE-2016-6302)
    • "OOB write in BN_bn2dec()" (CVE-2016-2182)
    • "OOB read in TS_OBJ_print_bio()" (CVE-2016-2180)
    • "Pointer arithmetic undefined behaviour" (CVE-2016-2177)
    • "Constant time flag not preserved in DSA signing" (CVE-2016-2178)
    • "DTLS buffered message DoS" (CVE-2016-2179)
    • "DTLS replay protection DoS" (CVE-2016-2181)
    • "Certificate message OOB reads" (CVE-2016-6306)
    • "Padding oracle in AES-NI CBC MAC check" (CVE-2016-2107)
    • "EVP_EncodeUpdate overflow" (CVE-2016-2105)
    • "EVP_EncryptUpdate overflow" (CVE-2016-2106)
    • "ASN.1 BIO excessive memory allocation" (CVE-2016-2109)
    • "EBCDIC overread" (CVE-2016-2176)
    • "missing Memory allocation success checks in doapr_outch function in
      crypto/bio/b_print.c" (CVE‐2016‐2842)
    • "Cross‐protocol attack on TLS using SSLv2 (DROWN)" (CVE‐2016‐0800)
    • "memory issues in BIO_*printf functions" (CVE‐2016‐0799)
    • "Memory leak in SRP database lookups" (CVE‐2016‐0798)
    • "Double‐free in DSA code" (CVE‐2016‐0705)
    • "Side channel attack on modular exponentiation" (CVE-2016-0702)
    • Provides stronger cryptographic assurance against the "Logjam" vulnerability (CVE‐2015‐4000)
    • "DH small subgroups" (CVE‐2016‐0701)
    • "SSLv2 doesn't block disabled ciphers" (CVE‐2015‐3197)
    • "BN_mod_exp may produce incorrect results on x86_64" (CVE‐2015‐3193)
    • "Certificate verify crash with missing PSS parameter"(CVE‐2015‐3194)
    • "X509_ATTRIBUTE memory leak" (CVE‐2015‐3195)
    For more information on the OpenSSL vulnerabilities resolved by this upgrade, refer to the corresponding OpenSSL announcements at https://www.openssl.org/news/openssl-1.0.2-notes.html.
  • The default OpenSSL library version has been updated to 1.0.2j.*
  • The default OpenSSL library version has been updated to 1.0.2.h.*
  • The default OpenSSL library version has been updated to 1.0.2g.*
  • The default OpenSSL library version has been updated to 1.0.2f.
  • The new CryptoLibName and SSLLibName connection options allow you to designate the OpenSSL libraries used when SSL is enabled. 

Version 7.1.5

Certifications
  • Certified with Red Hat Enterprise 7.0
  • Certified with CentOS Linux 7.0
  •  Certified with Oracle Linux 7.0
Enhancements
  • The driver has been enhanced to optimize the performance of batch inserts.
  • The OpenSSL library was upgraded to version 1.0.0r, which fixes the CVE-2015-0204 (FREAK) vulnerability. See "RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)" at https://www.openssl.org/news/secadv_20150108.txt for more information.
  • The new CryptoProtocolVersion connection option allows you to specify the cryptographic protocols used when SSL is enabled. This option can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.

Version 7.1.4

Features
  • The driver supports Amazon Web Services API, version 2012-12-01.
  • The driver supports all ODBC Core and Level 1 functions.
  • The driver supports the core SQL 92 grammar.
  • The driver supports DataDirect Connection Pooling.
  • The driver supports advanced security features, including SSL data encryption.
  • The driver supports configurable connection failover protection.


patch-whats-new

Read Next

What's new