An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

For a list a list of issues resolved since general availability, refer to the fixes.

Version 8.0.2

Enhancements

• The installer program has been enhanced to support Azul Zulu JRE 11. As a result of this change, the installer has ended support for platforms that do not support Java SE 8 or higher. The installer supports the following operating systems after the enhancement:
  • Windows 8.1 or higher
  • Windows Server 2012 RC2 or higher
  • UNIX/Linux: Any operating system on a machine using a JRE that is Java SE 8 or higher (LTS version), including Oracle JDK, OpenJDK, and IBM SDK (Java) distributions.
  Important: These changes do not affect the operating system requirements of the driver.*
• The default version of the OpenSSL library has been upgraded to version 1.1.1t, which fixes the following security vulnerabilities:*
  • X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
  • Use-after-free following BIO_new_NDEF (CVE-2023-0215)
  • Double free after calling PEM_read_bio_ex (CVE-2022-4450)
  • Timing Oracle in RSA Decryption (CVE-2022-4304)

  Version 1.1.1t also addresses vulnerabilities resolved by earlier versions of the library. For more information on the installed library files, refer to the readme.
  For more information on the OpenSSL vulnerabilities resolved by this upgrade, refer to the corresponding OpenSSL announcements at https://www.openssl.org/news/vulnerabilities-1.1.1.html.

• OpenSSL library 1.1.1n has been replaced with version 1.1.1t. In addition to fixing multiple new vulnerabilities, version 1.1.1t also addresses the vulnerabilities resolved by version 1.1.1n:*
  • Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
  • BN_mod_exp may produce incorrect results on MIPS (CVE-2021-4160)
• The driver has been enhanced to support the BINARY and VARBINARY data types.
• The Trust Store (Truststore) connection option has been enhanced and a new pre-connection attribute, SQL_COPT_INMEMORY_TRUSTSTORECERT, has been added to support specifying the contents of the TLS/SSL certificates for TLS/SSL server authentication. Specifying certificate content directly eliminates the need to store the truststore file on the disk and lets applications use TLS/SSL server authentication without any disk dependency.
• The driver has been enhanced to include timestamp in the internal packet logs by default. If you want to disable the timestamp logging in packet logs, set PacketLoggingOptions=1. The internal packet logging is not enabled by default. To enable it, set EnablePacketLogging=1.
• The driver has been enhanced to support Select queries with parameterized arrays.
• The Driver Manager for UNIX/Linux has been enhanced to support setting the Unicode encoding type for applications on a per connection basis. By passing a value for the SQL_ATTR_APP_UNICODE_TYPE attribute using SQLSetConnectAttr, your application can specify the encoding at connection. This allows your application to pass both UTF-8 and UTF-16 encoded strings with a single environment handle.
  The valid values for the SQL_ATTR_APP_UNICODE_TYPE attribute are SQL_DD_CP_UTF8 and SQL_DD_CP_UTF16. The default value is SQL_DD_CP_UTF8.
  
• The new AllowedOpenSSLVersions option determines which version of the OpenSSL library file the driver uses for data encryption when multiple versions are installed with the product. For example, when specifying a value of 1.1.1 (AllowedOpenSSLVersions=1.1.1) the driver uses the 1.1.1 version of the library that is installed with the driver.

Changed Behavior

• The following Windows platforms have reached the end of their product lifecycle and are no longer supported by the driver:
  • Windows 8.0 (versions 8.1 and higher are still supported)
  • Windows Vista (all versions)
  • Windows XP (all versions)
  • Windows Server 2003 (all versions)
• The following databases have reached the end of their product lifecycle and are no longer supported by the driver:
  • DB2 v10.1 for Linux, UNIX, Windows and higher
  • DB2 v9.1 for Linux, UNIX, Windows and higher
  • DB2 v8.x for Linux, UNIX, Windows and higher
  • DB2 v11 for z/OS and higher
  • DB2 v10 for z/OS and higher
  • DB2 v9.1 for z/OS and higher
  • DB2 UDB v8.1 for z/OS
  • DB2 i 7.1 and higher
  • DB2 i 6.1 and higher
  • DB2 for i 5/OS V5R4 and higher

Version 7.1.6

Certifications

• Certified with SUSE Enterprise Server 15*
  Driver version 07.16.0346 (B0522, U0371)
• Certified with Ubuntu Linux 18.04*
  Driver version 07.16.0346 (B0522, U0371)
• Certified with DB2 V11.5 for Linux, UNIX, Windows (LUW)*
  Driver version 07.16.0336 (B0510, U0363)
• Certified with Red Hat Enterprise 8.0* 
  Driver version 07.16.0336 (B0510, U0363))
• Certified with dashDB (now IBM Db2 Warehouse on Cloud)*
  Driver version 07.16.0275 (B0365, U0243)
• Certified with IBM Db2 Hosted*
  Driver version 7.16.0275 (B0365, U0243)
• Certified with Red Hat Enterprise 7.3*
  Driver version 07.16.0275 (B0365, U0243)
• Certified with DB2 12 for z/OS*
  Driver version 07.16.0273 (B0364, U0243)
• Certified with Windows Server 2019*
• Certified with DB2 I 7.3* (DB2 UDB V7R3 for iSeries)
  Driver version 07.16.0262 (B0346, U0229)
• Certified with DB2 V11.1 for Linux, UNIX, Windows (LUW)
  Driver version 07.16.0253 (B0314, U0208)
• Certified with Windows Server 2016*
  Driver version 07.16.0262 (B0346, U0229)
• Certified with Debian Linux 7.11*, 8.5*
  Driver version 07.16.0253 (B0314, U0208)
• Certified with Ubuntu Linux 14.04*, 16.04*
  Driver version 07.16.0253 (B0314, U0208)
• Certified with Windows 10
• Certified with Red Hat Enterprise 7.1
• Certified with CentOS Linux 7.1
• Certified with Oracle Linux 7.1
• Certified with SUSE Enterprise Server 12

Enhancements

• OpenSSL library 1.1.1l has been replaced with version 1.1.1n. In addition to fixing multiple new vulnerabilities, version 1.1.1n also addresses the vulnerabilities resolved by version 1.1.1l:*
  • SM2 Decryption Buffer Overflow (CVE-2021-3711)
  • Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
• OpenSSL library 1.1.1k has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1k:* 
  • CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
  • NULL pointer deref in signature_algorithms processing (CVE-2021-3449)
  • Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
  • Integer overflow in CipherUpdate (CVE-2021-23840) 
• OpenSSL library 1.1.1i has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerability resolved by version 1.1.1i: Incorrect behavior of the GENERAL_NAME_cmp function (CVE-2020-1971).*
• OpenSSL library 1.1.1g has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1g:*
  • Segmentation fault in SSL_check_chain (CVE-2020-1967)
  • rsaz_512_sqr overflow bug on x86_64 (CVE-2019-1551)  
• OpenSSL library 1.0.2r has been replaced with version 1.0.2u. In addition to fixing multiple new vulnerabilities, version 1.0.2u also addresses the vulnerabilities resolved by version 1.0.2r.*
  Version 1.0.2u of the OpenSSL library fixes the following security vulnerabilities:
  • x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1563)
  • Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
  • Compute ECC cofactors if not provided during EC_GROUP construction (CVE-2019-1547)
  • Installation paths in diverse Windows builds (CVE-2019-1552)

  Note: By default, the driver will attempt to load version 1.1.1 of the library; however, if the library cannot be loaded, the driver will fall back to version 1.0.2.

• The default OpenSSL library version has been updated to 1.1.1d.*
• The driver has been updated with OpenSSL library version 1.0.2r:*
• The driver has been updated with OpenSSL library version 1.0.2n.
• The driver has been updated with OpenSSL library version 1.0.2k.*
• The default OpenSSL library version has been updated to 1.0.2j.*
• The default OpenSSL library version has been updated to 1.0.2h.*
• The default OpenSSL library version has been updated to 1.0.2g.*
• The default OpenSSL library version has been updated to 1.0.2f.
• The new CryptoLibName and SSLLibName connection options allow you to
  designate the OpenSSL libraries used when SSL is enabled.
• The new MinLongVarcharSize connection option allows you to fetch
  SQL_LONGVARCHAR columns whose size is smaller than the minimum
  imposed by some third‐party applications.
• The new VarcharThreshold connection option allows you to fetch columns
  that would otherwise exceed the upper limit of the SQL_VARCHAR type for some
  third‐party applications.

Version 7.1.5

Certifications

• Certified with Red Hat Enterprise 7.0
• Certified with CentOS Linux 7.0
• Certified with Oracle Linux 7.0
• Certified with DB2 I 7.2 (DB2 UDB V7R2 for iSeries)

Enhancements

• The OpenSSL library was upgraded to version 1.0.0r, which fixes the CVE‐2015‐0204 (FREAK) vulnerability. See "RSA silently downgrades to EXPORT_RSA [Client] (CVE‐2015‐0204)" at https://www.openssl.org/news/secadv_20150108.txt for more information.
• The new Crypto Protocol Version connection option allows you to specify the cryptographic protocols used when SSL is enabled. This option can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.

Version 7.1.4

Certifications

• Certified with Windows 8.1
• Certified with DB2 11 for z/OS

Enhancements

• The new KeepAlive connection option allows you to use TCP Keep Alive to maintain idle TCP connections.

Version 7.1.3

Certifications

• Certified with CentOS Linux 4.x, 5.x, and 6.x
• Certified with Oracle Linux 4.x, 5.x, and 6.x
• Certified with DB2 V10.5 for Linux, UNIX, Windows (LUW)

Version 7.1.2

Certifications

• Certified with Oracle Solaris 11.1

Version 7.1.1

Certifications

• Certified with Red Hat 6.3
• Certified with Windows 8 and Windows Server 2012

Version 7.1.0

Certifications

• DB2 V10.1 for Linux, UNIX, Windows (LUW)
• DB2 V9.8 for Linux, UNIX, Windows (LUW)
• Certified with DB2 v9.8 pureScale

Enhancements 

• Returns result set metadata for parameterized statements
  that have been prepared but not yet executed.
• Supports parameter arrays, processing the arrays as a series of
  executions, one execution for each row in the array.
• Provides a connection option that allows you to configure
  the driver to report that it supports transactions, although Hive does not support transactions. This provides a workaround for applications that do not operate with a driver that reports transactions are not supported.
•  The driver provides support for the following standard SQL
  functionality:
  • Create Index, Create Table, and Create View
  • Insert
  • Drop Index, Drop Table, and Drop View