MySQL Connector/C++ 1.1.8 has been released

Dear MySQL Users,

A new GA (general availability) version of MySQL Connector/C++ has
been made available: MySQL Connector/C++ 1.1.8 GA. The MySQL
Connector/C++ provides a C++ API for connecting client applications to
the MySQL Server 5.5 or newer.

You can download the production release at:

http://dev.mysql.com/downloads/connector/cpp/1.1.html

MySQL Connector C++ (Commercial) will be available for download on the
My Oracle Support (MOS) website. This release will be available on eDelivery
(OSDC) in next month’s upload cycle.

The MySQL driver for C++ offers an easy to use API derived from JDBC
4.0. MySQL Workbench has used it successfully for years.

We have improved the driver since the last GA release. Please see the
documentation and the CHANGES file in the source distribution for a
detailed description of bugs that have been fixed. Bug descriptions are
also listed below.

Enjoy!

======================================================================

Changes in MySQL Connector/C++ 1.1.8 (2016-12-16, General
Availability)

Security Notes

* OpenSSL is ending support for version 1.0.1 in December
2016; see
https://www.openssl.org/policies/releasestrat.html.
Consequently, Connector/C++ Commercial builds now use
version 1.0.2 rather than version 1.0.1, and the linked
OpenSSL library for the Connector/C++ Commercial has been
updated from version 1.0.1 to version 1.0.2j. For a
description of issues fixed in this version, see
https://www.openssl.org/news/vulnerabilities.html.
This change does not affect Oracle-produced MySQL
Community builds of Connector/C++, which use the yaSSL
library instead.

Functionality Added or Changed

* Connector/C++ now supports a OPT_TLS_VERSION connection
option for specifying the protocols permitted for
encrypted connections. The option value is string
containing a comma-separated list of one or more protocol
names. Example:
connection_properties[“OPT_TLS_VERSION”] = sql::SQLString(“TLSv1.1,TLS
v1.2”);

The permitted values depend on the SSL library used to
compile MySQL: TLSv1, TLSv1.1, TLSv1.2 if OpenSSL was
used; TLSv1 and TLSv1.1 if yaSSL was used. The default is
to permit all available protocols.
For more information about connection protocols in MySQL,
see Secure Connection Protocols and Ciphers
(http://dev.mysql.com/doc/refman/5.7/en/secure-connection-protocols-ciphers.html). (Bug #23496967)

* Connector/C++ now supports a OPT_SSL_MODE connection
option for specifying the security state of the
connection to the server. Permitted option values are
SSL_MODE_PREFERRED (the default), SSL_MODE_DISABLED,
SSL_MODE_REQUIRED, SSL_MODE_VERIFY_CA, and
SSL_MODE_VERIFY_IDENTITY. These values correspond to the
values of the –ssl-mode option supported by MySQL client
programs; see Command Options for Secure Connections
(http://dev.mysql.com/doc/refman/5.7/en/secure-connection-options.html).
For example, this setting specifies that
the connection should be unencrypted:
connection_properties[“OPT_SSL_MODE”] = sql::SSL_MODE_DISABLED;

The OPT_SSL_MODE option comprises the capabilities of the
sslEnforce and sslVerify connection options.
Consequently, both of those options are now deprecated.
(Bug #23496952)

* Connector/C++ now supports OPT_MAX_ALLOWED_PACKET and
OPT_NET_BUFFER_LENGTH connection options. Each option
takes a numeric value. They correspond to the
MYSQL_OPT_MAX_ALLOWED_PACKET and
MYSQL_OPT_NET_BUFFER_LENGTH options for the
mysql_options() C API function.

* Issues compiling Connector/C++ under Visual Studio 2015
were corrected.

Bugs Fixed

* A segmentation fault could occur for attempts to insert a
large string using a prepared statement. (Bug #23212333,
Bug #81213)

* The certification verification checks that are enabled by
the verifySSL connection option were not performed
properly. (Bug #22931974)

* Connector/C++ failed to compile against a version of the
MySQL C API older than 5.7. (Bug #22838573, Bug #80539,
Bug #25201287)

On Behalf of the MySQL/ORACLE RE Team
Daniel Horecki