Progress OpenEdge

Progress DataDirect Connect and Connect64 for ODBC Progress OpenEdge Wire Protocol Driver

An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Version 7.1.6

Certifications
  • Certified with Progress OpenEdge 12.0* (driver version 07.16.0186 (B0433, U0285))
  • Certified with Progress OpenEdge 11.7* (driver version 07.16.0175 (B0296, U0197))
  • Certified with Red Hat Enterprise 7.3* (driver version 07.16.0175 (B0296, U0197))
  • Certified with Windows Server 2016* (driver version 07.16.0264 (B0332, U0218))
  • Certified with Debian Linux 7.11*, 8.5* (driver version 07.16.0175 (B0296, U0197))
  • Certified with Ubuntu Linux 14.04*, 16.04* (driver version 07.16.0175 (B0296, U0197))
  • Certified with Windows 10
  • Certified with Red Hat Enterprise 7.1
  • Certified with CentOS Linux 7.1
  • Certified with Oracle Linux 7.1
  • Certified with SUSE Enterprise Server 12
  • Certified with Progress OpenEdge 11.6 (driver version 07.16.0175 (B0296, U0197))*
Enhancements
  • The driver has been updated with OpenSSL library version 1.0.2r, which addresses the following security vulnerabilities:*
    • 0-byte record padding oracle (CVE-2019-1559)
    • Microarchitecture timing vulnerability in ECC scalar
      multiplication (CVE-2018-5407)
    • Timing vulnerability in DSA signature generation (CVE-2018-0734)
    • Client DoS due to large DH parameter (CVE-2018-0732)
    • Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
    • Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739)

    Version 1.0.2r also addresses the following vulnerabilities resolved by earlier versions of the library.

    For more information on the OpenSSL vulnerabilities resolved by this upgrade, refer to the corresponding OpenSSL announcements at https://www.openssl.org/news/openssl-1.0.2-notes.html.
  • The default OpenSSL library version has been updated to 1.0.2n.*
  • The default OpenSSL library version has been updated to 1.0.2k.*
  • The default OpenSSL library version has been updated to 1.0.2j.*
  • The default OpenSSL library version has been updated to 1.0.2h.*
  • The default OpenSSL library version has been updated to 1.0.2g.*
  • The default OpenSSL library version has been updated to 1.0.2f.
  • The new CryptoLibName and SSLLibName connection options allow you to
    designate the OpenSSL libraries used when SSL is enabled.

Version 7.1.5

Certifications
  • Certified with Red Hat Enterprise 7.0
  • Certified with CentOS Linux 7.0
  • Certified with Oracle Linux 7.0
  • Certified with Progress OpenEdge 11.4, 11.5
Enhancements
  • The OpenSSL library was upgraded to version 1.0.0r, which fixes the
    CVE‐2015‐0204 (FREAK) vulnerability. See "RSA silently downgrades
    to EXPORT_RSA [Client] (CVE‐2015‐0204)" at
    https://www.openssl.org/news/secadv_20150108.txt for more
    information.
  • The new Crypto Protocol Version connection option allows you to specify
    the cryptographic protocols used when SSL is enabled. This option can be
    used to avoid vulnerabilities associated with SSLv3 and SSLv2, including
    the POODLE vulnerability.

Version 7.1.4

Certifications
  • Certified with Windows 8.1
Enhancements
  • The new KeepAlive connection option allows you to use TCP Keep Alive to maintain idle TCP connections.

Version 7.1.3

Certifications
  • Certified with CentOS Linux 4.x, 5.x, and 6.x
  • Certified with Oracle Linux 4.x, 5.x, and 6.x
  • Certified with Progress OpenEdge 11.1, 11.2, and 11.3.

Version 7.1.2

Certifications
  • Certified with Oracle Solaris 11.1

Version 7.1.1

Certifications
  • Certified with Red Hat 6.3
  • Certified with Windows 8 and Windows Server 2012

Version 7.1.0

No changes for this release.



patch-whats-new

Read Next

What's new