An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Refer to the following resources for additional information:

• Product Compatibility Guide: Provides the latest data source and platform support information. 
• Fixes: Describes the issues resolved since general availability.  

Version 8.0.1

Enhancements

• The default version of the OpenSSL library has been upgraded to version 3.0.9, which fixes the security vulnerabilities listed on the following page: https://www.openssl.org/news/vulnerabilities-3.0.html.*

  Notes:

  • The driver supports the following OpenSSL 3.0 providers: Default and FIPS.
  • The FIPS provider is supported only on the following platforms: Windows 64-bit, Linux 64-bit, and AIX 64-bit.
  • When installing a new version of the product, the installer program will automatically replace the OpenSSL 1.1.1 library files with the OpenSSL 3.0 library files in the install directory, which will impact all the DataDirect ODBC drivers installed on a machine. Therefore:
    • If you are using multiple 8.0 drivers, upgrade all your drivers to the latest version.
    • If you are using both 8.0 and 7.1 versions of the driver, copy the xxtls27.dll/libxxtls27.so[.sl] file to a different location before installing a new version of the 8.0 driver. Copy it back to the install directory once the installation is complete.
• The default version of the OpenSSL library has been upgraded to version 1.1.1t, which fixes the following security vulnerabilities:*
  • X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
  • Use-after-free following BIO_new_NDEF (CVE-2023-0215)
  • Double free after calling PEM_read_bio_ex (CVE-2022-4450)
  • Timing Oracle in RSA Decryption (CVE-2022-4304)

  Version 1.1.1t also addresses vulnerabilities resolved by earlier versions of the library. For more information on the installed library files, refer to the readme.
  For more information on the OpenSSL vulnerabilities resolved by this upgrade, refer to the corresponding OpenSSL announcements at https://www.openssl.org/news/vulnerabilities-1.1.1.html.

• The curl library files that are installed with the product have been upgraded to version 7.88.1, which fixes a number of potential security vulnerabilities. For more information on the vulnerabilities resolved by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html.
  This upgrade is available starting in build 08.02.0693 of the curl library files.
• The curl library files that are installed with the product have been upgraded to version 7.84.0, which fixes a number of potential security vulnerabilities. For more information on the vulnerabilities resolved by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html. This upgrade is available starting in build 08.02.0435 of the curl library files.*
• The driver has been enhanced to support the Windows certificate store for TLS/SSL server authentication. Refer to the user's guide for details.*
• The driver has been enhanced to support TLS/SSL server authentication for the applications deployed in a serverless environment. The driver stores the TLS/SSL certificates in memory and lets applications use TLS/SSL server authentication without storing the truststore file on the disk. To use this enhancement, specify the content of the certificate in the refreshed Trust Store (Truststore) connection option or the new SQL_COPT_INMEMORY_TRUSTSTORECERT pre-connection attribute. Refer to the user's guide for details.*
• OpenSSL library 1.1.1n has been replaced with version 1.1.1t. In addition to fixing multiple new vulnerabilities, version 1.1.1t also addresses the vulnerabilities resolved by version 1.1.1n:*
  • Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
  • BN_mod_exp may produce incorrect results on MIPS (CVE-2021-4160)
• The curl library files that are installed with the product have been upgraded to version 7.80.0, which fixes a number of potential security vulnerabilities. For more information on the vulnerabilities resolved by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html.*
  This upgrade is available starting in build 08.02.0278 of the curl library files.
• The curl library files that are installed with the product have been upgraded to version 7.75.0, which fixes a number of potential security vulnerabilities. For more information on the vulnerabilities resolved by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html.
  This upgrade is available starting in build 08.02.0239 of the curl library files.
• OpenSSL library 1.1.1l has been replaced with version 1.1.1n. In addition to fixing multiple new vulnerabilities, version 1.1.1n also addresses the vulnerabilities resolved by version 1.1.1l:* 
  • SM2 Decryption Buffer Overflow (CVE-2021-3711)
  • Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
• OpenSSL library 1.1.1k has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1k:* 
  • CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
  • NULL pointer deref in signature_algorithms processing (CVE-2021-3449)
  • Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
  • Integer overflow in CipherUpdate (CVE-2021-23840) 
• OpenSSL library 1.1.1i has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerability resolved by version 1.1.1i: Incorrect behavior of the GENERAL_NAME_cmp function (CVE-2020-1971).*
• OpenSSL library 1.1.1g has been replaced with version 1.1.1l. In addition to fixing multiple new vulnerabilities, version 1.1.1l also addresses the vulnerabilities resolved by version 1.1.1g:*
  • Segmentation fault in SSL_check_chain (CVE-2020-1967)
  • rsaz_512_sqr overflow bug on x86_64 (CVE-2019-1551)  
• The drivers using base version B0649 and later have been enhanced to include timestamp in the internal packet logs by default. If you want to disable the timestamp logging in packet logs, set PacketLoggingOptions=1. The internal packet logging is not enabled by default. To enable it, set EnablePacketLogging=1.*
• OpenSSL library 1.0.2r has been replaced with version 1.0.2u. In addition to fixing multiple new vulnerabilities, version 1.0.2u also addresses the vulnerabilities resolved by version 1.0.2r.*
  Version 1.0.2u of the OpenSSL library fixes the following security vulnerabilities:
  • x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1563)
  • Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
  • Compute ECC cofactors if not provided during EC_GROUP construction (CVE-2019-1547)
  • Installation paths in diverse Windows builds (CVE-2019-1552)

  Note: By default, the driver will attempt to load version 1.1.1 of the library; however, if the library cannot be loaded, the driver will fall back to version 1.0.2.

• The Driver Manager for UNIX/Linux has been enhanced to support setting the Unicode encoding type for applications on a per connection basis. By passing a value for the SQL_ATTR_APP_UNICODE_TYPE attribute using SQLSetConnectAttr, your application can specify the encoding at connection. This allows your application to pass both UTF-8 and UTF-16 encoded strings with a single environment handle.*
  The valid values for the SQL_ATTR_APP_UNICODE_TYPE attribute are SQL_DD_CP_UTF8 and SQL_DD_CP_UTF16. The default value is SQL_DD_CP_UTF8.
  This enhancement is available in build 08.02.0449 of the driver manager.
• The curl library files that are installed with the product have been upgraded to version 7.66.0, which fixes a number of potential security vulnerabilities. For more information on the vulnerabilities resolved by this enhancement, refer to: https://curl.haxx.se/docs/vulnerabilities.html.

  This upgrade is available starting in build 08.02.0116 of the curl library files.*

• The default OpenSSL library version has been updated to 1.1.1d.*
• The new AllowedOpenSSLVersions option determines which version of the OpenSSL library file the driver uses for data encryption when multiple versions are installed with the product. For example, when specifying a value of 1.1.1 (AllowedOpenSSLVersions=1.1.1) the driver uses the 1.1.1 version of the library that is installed with the driver.*
• The driver has been enhanced to support ACID operations for Inserts, Updates, and Deletes on servers that are configured to use them.*
• The default version of the OpenSSL library has been updated to 1.0.2r.*    
• The driver has been enhanced to support Apache ZooKeeper, including Kerberos authentication. It can be configured using the refreshed Host Name connection option and the new ZooKeeper Discovery and ZooKeeper Namespace connection options.*
• The driver has been enhanced to support HTTP mode, which allows you to access Apache Hive data stores using HTTP/HTTPS requests. HTTP mode can be configured using the new Transport Mode and HTTP Path connection options.
• The driver has been enhanced to support session cookie based authentication for HTTP connections. Cookie based authentication can be configured using the new Enable Cookie Authentication and Cookie Name connection options.
• The driver has been enhanced to support HTTP connections to Apache Knox gateways.
• The new Array Insert Size connection option provides a workaround for memory and server issues that can sometimes occur when inserting a large number of rows that contain large values.These issues are most likely to occur when connecting through Apache Knox. 
  
• The OpenSSL library has been updated to version 1.0.2n.

Changed Behavior

• The product no longer includes version 1.1.1 of the OpenSSL library. The library will reach the end of its product life cycle in September 2023 and will not receive any security updates after that. Note that continuing to use the library after September 2023 can potentially expose you to security vulnerabilities.*

  Note: As a result of this change, when installing a new version of the product, the installer program will automatically remove version 1.1.1 of the library from the install directory, which will impact all the DataDirect ODBC drivers installed on a machine.

• The product no longer includes version 1.0.2 of the OpenSSL library. The library has reached the end of its product life cycle and is not receiving security updates anymore. Note that continuing to use the library could potentially expose you to security vulnerabilities.*
  Note: As a result of this change, when installing a new version of the driver, the installer program will automatically remove version 1.0.2 of the library from the install directory.
• The Array Size (ArraySize) connection option has been renamed Array Fetch Size (ArrayFetchSize). The ArraySize attribute will continue to be supported for this release, but will be deprecated in subsequent versions of the product.
  

Version 8.0.0

Enhancements

• The driver has been updated with OpenSSL library version 1.0.2k.*
• The driver has been enhanced to optimize the performance of fetches.
• The new Min Long Varchar Size connection option allows you to fetch SQL_LONGVARCHAR columns whose size is smaller than the minimum imposed by some third-party applications, such as SQL Server Linked Server.
• The new Varchar Threshold connection option allows you to fetch columns that would otherwise exceed the upper limit of the SQL_VARCHAR type for some third-party applications, such as SQL Server Linked Server.
• The new Max String Size connection option allows you to determine the maximum size of columns of the String data type that the driver describes through result set descriptions and catalog functions. This option replaces the Max Varchar Size connection option.
• The new Catalog Mode connection option allows you to determine whether the driver uses native catalog functions to retrieve information returned by the SQLTables, SQLColumns, and SQLStatistics catalog functions. In the default setting, the driver employs a balance of native functions and driver-discovered information for the optimal balance of performance and accuracy when retrieving catalog information. This option replaces the Use Native Catalog Functions option.
• The driver includes a new Tableau data source file (Windows only) that provides improved functionality when accessing your data with Tableau.
• The driver and Driver Manager have been enhanced to support UTF-8 encoding in the odbc.ini and odbcinst.ini files.
• The default OpenSSL library version has been updated to 1.0.2j.
  Note: OpenSSL library 1.0.2j has been replaced with version 1.0.2n.

Changed Behavior

• The driver supports the HiveServer2 protocol and higher, and as a result:
  • Support for the HiveServer1 protocol has been deprecated
  • The Wire Protocol Version connection option has been deprecated
• The Use Native Catalog Functions connection option has been replaced by the new Catalog Mode connection option. The UseNativeCatalogFunctions attribute will continue to be supported for this release, but will be deprecated in subsequent versions of the product.
• The Max Varchar Size connection option has been replaced by the new Max String Size connection option. The MaxVarcharSize attribute will continue to be supported for this release, but will be deprecated in subsequent versions of the product.
• The Authentication Method connection option has been refreshed with a new valid value for enabling Kerberos Authentication. To use Kerberos authentication with the driver, set AuthenticationMethod=4.
• The default value for Crypto Protocol Version has been updated to TLSv1.2,TLSv1.1,TLSv1. This change improves the security of the driver by employing only the most secure cryptographic protocols as the default behavior.
• The valid and default values for the String Describe Type connection have been updated:
  • Valid values: -10 (SQL_WLONGVARCHAR) | -9 (SQL_WVARCHAR)
  • Default value: -9 (SQL_WVARCHAR)

Version 7.1.6

Enhancements

• The default OpenSSL library version has been updated to 1.0.2h.*
  Note: OpenSSL library 1.0.2h has been replaced with version 1.0.2n.
• The default OpenSSL library version has been updated to 1.0.2g.*
  Note: OpenSSL library 1.0.2g has been replaced with version 1.0.2n.
• The default OpenSSL library version has been updated to 1.0.2f.
  Note: OpenSSL library 1.0.2f has been replaced with version 1.0.2n.
• The driver has been enhanced to support row-level inserts when connected to Hive 0.14 or higher.
• The Batch Mechanism connection option has been added to the driver. By setting BatchMechanism to 2 (MultiRowInsert), you enable the driver to use a parameterized multi-row insert statement to execute batch inserts. MultiRowInsert is the default setting and provides substantial performance gains when performing batch inserts.
• The new CryptoLibName and SSLLibName connection options allow you to 
   designate the OpenSSL libraries used when SSL is enabled.
• The driver has been enhanced to support SSL encryption.
• The Array Size connection option has been refreshed to allow specifying  the number of cells retrieved instead of rows. By determining the fetch size based on the number of cells, the driver can avoid out of memory errors when fetching from tables containing a large number of columns. 

Changed Behavior

• The Authentication Method connection option has been refreshed with a new valid value for enabling Kerberos Authentication. To use Kerberos  authentication with the driver, set AuthenticationMethod=4.

Version 7.1.5

Enhancements

• The driver has been enhanced to support the Char data type
  when connected to Hive 0.13 and higher.
• The driver has been enhanced to support the Decimal data type
  when connected to Hive 0.11 and higher.
• The driver has been enhanced to support the Date and Varchar data types
  in Hive 0.12 and higher.

Version 7.1.4

Enhancements

• The new TCP Keep Alive connection option allows you to use TCP Keep Alive to maintain idle TCP connections.

Version 7.1.3

Enhancements

• The Use Native Catalog Functions connection option allows you to use native
  catalog functions to retrieve information returned by SQLTables, SQLColumns,
  and SQLStatistics catalog functions.
• Support for Kerberos Authentication.

Version 7.1.2

No features introduced 

Version 7.1.1

No features introduced

Enhancements

• Added support for HiveServer2.
• When connected to HiveServer2, simultaneous connections per port
  are supported.
• The new Wire Protocol Version connection option specifies the
  version of the Hive Server to which the driver will connect.
• The String Describe Type connection option now allows you to describe
  string columns as SQL_WLONGVARCHAR or SQL_WVARCHAR.

Changed Behavior 

• The Password connection attribute is now required for a connection
  to HiveServer2.
• The User Name connection attribute is now required for a connection
  to HiveServer2.

Version 7.1.0

Features

• Returns result set metadata for parameterized statements
  that have been prepared but not yet executed.
• Supports parameter arrays, processing the arrays as a series of
  executions, one execution for each row in the array.
• Provides a connection option that allows you to configure
  the driver to report that it supports transactions, although Hive does not support transactions. This provides a workaround for applications that do not operate with a driver that reports transactions are not supported.
•  The driver provides support for the following standard SQL
  functionality:
  • Create Index, Create Table, and Create View
  • Insert
  • Drop Index, Drop Table, and Drop View