Home Services Partners Company

Apache Spark SQL

Progress DataDirect for ODBC for Apache Spark SQL Wire Protocol Driver

An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Version 8.0.2

Operating System Certifications
  • Certified with Debian Linux 7.11*, 8.5* (driver version 08.01.0088 (B0138, U0095))
  • Certified with Ubuntu Linux 14.04*, 16.04* (driver version 08.01.0088 (B0138, U0095))
Enhancements
  • The drivers have been updated with OpenSSL library version 1.0.2j, which addresses the following security vulnerabilities*:

    • "Missing CRL sanity check" (CVE-2016-7052)
    • "OCSP Status Request extension unbounded memory growth" (CVE-2016-6304)
    • "SWEET32 Mitigation" (CVE-2016-2183)
    • "OOB write in MDC2_Update()" (CVE-2016-6303)
    • "Malformed SHA512 ticket DoS" (CVE-2016-6302)
    • "OOB write in BN_bn2dec()" (CVE-2016-2182)
    • "OOB read in TS_OBJ_print_bio()" (CVE-2016-2180)
    • "Pointer arithmetic undefined behaviour" (CVE-2016-2177)
    • "Constant time flag not preserved in DSA signing" (CVE-2016-2178)
    • "DTLS buffered message DoS" (CVE-2016-2179)
    • "DTLS replay protection DoS" (CVE-2016-2181)
    • "Certificate message OOB reads" (CVE-2016-6306)

    Version 1.0.2h also addresses the following vulnerabilities resolved by earlier versions of the library.

    Originally resolved by the version 1.0.2h upgrade:

    • "Padding oracle in AES-NI CBC MAC check" (CVE-2016-2107)
    • "EVP_EncodeUpdate overflow" (CVE-2016-2105)
    • "EVP_EncryptUpdate overflow" (CVE-2016-2106)
    • "ASN.1 BIO excessive memory allocation" (CVE-2016-2109)
    • "EBCDIC overread" (CVE-2016-2176)

    Originally resolved by the version 1.0.2g upgrade:

    • "missing Memory allocation success checks in doapr_outch function in
      crypto/bio/b_print.c" (CVE‐2016‐2842)
    • "Cross‐protocol attack on TLS using SSLv2 (DROWN)" (CVE‐2016‐0800)
    • "memory issues in BIO_*printf functions" (CVE‐2016‐0799)
    • "Memory leak in SRP database lookups" (CVE‐2016‐0798)
    • "Double‐free in DSA code" (CVE‐2016‐0705)
    • "Side channel attack on modular exponentiation" (CVE-2016-0702)

    Originally resolved by the version 1.0.2.f upgrade:

    • Provides stronger cryptographic assurance against the "Logjam" vulnerability (CVE‐2015‐4000)
    • "DH small subgroups" (CVE‐2016‐0701)
    • "SSLv2 doesn't block disabled ciphers" (CVE‐2015‐3197)
    • "BN_mod_exp may produce incorrect results on x86_64" (CVE‐2015‐3193)
    • "Certificate verify crash with missing PSS parameter"(CVE‐2015‐3194)
    • "X509_ATTRIBUTE memory leak" (CVE‐2015‐3195)
    For more information on the OpenSSL vulnerabilities resolved by this upgrade, refer to the corresponding OpenSSL announcements at https://www.openssl.org/news/openssl-1.0.2-notes.html.
  • The default OpenSSL library version has been updated to 1.0.2h.*
  • The default OpenSSL library version has been updated to 1.0.2g.*
  • The default OpenSSL library version has been updated to 1.0.2f.

Version 8.0.1

Certifications
  • Certified with Spark SQL 1.4.x and 1.5.x
Enhancements
  • The driver has been enhanced to support the Decimal and Varchar data types.
  • The new Min Long Varchar Size connection option allows you to fetch SQL_LONGVARCHAR columns whose size is smaller than the minimum imposed by some third-party applications, such as SQL Server Linked Server.
  • The new Varchar Threshold connection option allows you to fetch columns that would otherwise exceed the upper limit of the SQL_VARCHAR type for some third-party applications, such as SQL Server Linked Server.

Version 8.0.0

Features
  • Support for Apache Spark SQL 1.2.x and 1.3.x.
  • DataDirect Wire Protocol technology for improved response time and throughput.
  • Support for all ODBC Core and Level 1 functions.
  • Support for core SQL-92 grammar.
  • Advanced security features, including:
    • Kerberos authentication
    • Data encryption
patch-whats-new

Read Next

What's new