Progress DataDirect Connect and Connect64 for ODBC DB2 Wire Protocol Driver
An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.
- Certified with Debian Linux 7.11*, 8.5* (driver version 07.16.0253 (B0314, U0208))
- Certified with Ubuntu Linux 14.04*, 16.04* (driver version 07.16.0253 (B0314, U0208))
- Certified with Windows 10
- Certified with Red Hat Enterprise 7.1
- Certified with CentOS Linux 7.1
- Certified with Oracle Linux 7.1
- Certified with SUSE Enterprise Server 12
The drivers have been updated with OpenSSL library version 1.0.2j, which addresses the following security vulnerabilities*:
- "Missing CRL sanity check" (CVE-2016-7052)
- "OCSP Status Request extension unbounded memory growth" (CVE-2016-6304)
- "SWEET32 Mitigation" (CVE-2016-2183)
- "OOB write in MDC2_Update()" (CVE-2016-6303)
- "Malformed SHA512 ticket DoS" (CVE-2016-6302)
- "OOB write in BN_bn2dec()" (CVE-2016-2182)
- "OOB read in TS_OBJ_print_bio()" (CVE-2016-2180)
- "Pointer arithmetic undefined behaviour" (CVE-2016-2177)
- "Constant time flag not preserved in DSA signing" (CVE-2016-2178)
- "DTLS buffered message DoS" (CVE-2016-2179)
- "DTLS replay protection DoS" (CVE-2016-2181)
- "Certificate message OOB reads" (CVE-2016-6306)
Version 1.0.2h also addresses the following vulnerabilities resolved by earlier versions of the library.
Originally resolved by the version 1.0.2h upgrade:
- "Padding oracle in AES-NI CBC MAC check" (CVE-2016-2107)
- "EVP_EncodeUpdate overflow" (CVE-2016-2105)
- "EVP_EncryptUpdate overflow" (CVE-2016-2106)
- "ASN.1 BIO excessive memory allocation" (CVE-2016-2109)
- "EBCDIC overread" (CVE-2016-2176)
Originally resolved by the version 1.0.2g upgrade:
- "missing Memory allocation success checks in doapr_outch function in
- "Cross‐protocol attack on TLS using SSLv2 (DROWN)" (CVE‐2016‐0800)
- "memory issues in BIO_*printf functions" (CVE‐2016‐0799)
- "Memory leak in SRP database lookups" (CVE‐2016‐0798)
- "Double‐free in DSA code" (CVE‐2016‐0705)
- "Side channel attack on modular exponentiation" (CVE-2016-0702)
Originally resolved by the version 1.0.2.f upgrade:
For more information on the OpenSSL vulnerabilities resolved by this upgrade,
refer to the corresponding OpenSSL announcements at
- Provides stronger cryptographic assurance against the "Logjam" vulnerability (CVE‐2015‐4000)
- "DH small subgroups" (CVE‐2016‐0701)
- "SSLv2 doesn't block disabled ciphers" (CVE‐2015‐3197)
- "BN_mod_exp may produce incorrect results on x86_64" (CVE‐2015‐3193)
- "Certificate verify crash with missing PSS parameter"(CVE‐2015‐3194)
- "X509_ATTRIBUTE memory leak" (CVE‐2015‐3195)
- The default OpenSSL library version has been updated to 1.0.2h.*
- The default OpenSSL library version has been updated to 1.0.2g.*
- The default OpenSSL library version has been updated to 1.0.2f.
- The new CryptoLibName and SSLLibName connection options allow you to
designate the OpenSSL libraries used when SSL is enabled.
- The new MinLongVarcharSize connection option allows you to fetch
SQL_LONGVARCHAR columns whose size is smaller than the minimum
imposed by some third‐party applications.
- The new VarcharThreshold connection option allows you to fetch columns
that would otherwise exceed the upper limit of the SQL_VARCHAR type for some
- Certified with Red Hat Enterprise 7.0
- Certified with CentOS Linux 7.0
- Certified with Oracle Linux 7.0
- Certified with DB2 I 7.2 (DB2 UDB V7R2 for iSeries)
- The OpenSSL library was upgraded to version 1.0.0r, which fixes the CVE‐2015‐0204 (FREAK) vulnerability. See "RSA silently downgrades to EXPORT_RSA [Client] (CVE‐2015‐0204)" at https://www.openssl.org/news/secadv_20150108.txt for more information.
- The new Crypto Protocol Version connection option allows you to specify the cryptographic protocols used when SSL is enabled. This option can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.
- Certified with Windows 8.1
- Certified with DB2 11 for z/OS
The new KeepAlive connection option allows you to
use TCP Keep Alive to maintain idle TCP connections.
- Certified with CentOS Linux 4.x, 5.x, and 6.x
- Certified with Oracle Linux 4.x, 5.x, and 6.x
- Certified with DB2 V10.5 for Linux, UNIX, Windows (LUW)
- Certified with Oracle Solaris 11.1
- Certified with Red Hat 6.3
- Certified with Windows 8 and Windows Server 2012
- DB2 V10.1 for Linux, UNIX, Windows (LUW)
- DB2 V9.8 for Linux, UNIX, Windows (LUW)
- Certified with DB2 v9.8 pureScale
- Returns result set metadata for parameterized statements
that have been prepared but not yet executed.
- Supports parameter arrays, processing the arrays as a series of
executions, one execution for each row in the array.
- Provides a connection option that allows you to configure
the driver to report that it supports transactions, although Hive does not support transactions. This provides a workaround for applications that do not operate with a driver that reports transactions are not supported.
- The driver provides support for the following standard SQL
- Create Index, Create Table, and Create View
- Drop Index, Drop Table, and Drop View