Security Enhancement: Accessing a parameer with the type of SQL_C_CHAR, but with a numeric type and a length of zero, the parameter marker would get stropped from the query. In addition, an SQL injection was possible if the parameter value had a nonzero length and was not numeric, the text would be inserted verbatim. (Bug#34575)

Important Change: In previous versions, the SSL certificate would automatically be verified when used as part of the MySQL Connector/ODBC connection. The default mode is now to ignore the verificate of certificates. To enforce verification of the SSL certificate during connection, use the SSLVERIFY DSN parameter, setting the value to 1. (Bug#29955, Bug#34648)

When using ADO, the count of parameters in a query would always return zero. (Bug#33298)

Using tables with a single quote or other nonstandard characters in the table or column names through ODBC would fail. (Bug#32989)

When using Crystal Reports, table and column names would be truncated to 21 characters, and truncated columns in tables where the truncated name was the duplicated would lead to only a single column being displayed. (Bug#32864)

SQLExtendedFetch() and SQLFetchScroll() ignored the rowset size if the Don't cache result DSN option was set. (Bug#32420)

When using the ODBC SQL_TXN_READ_COMMITTED option, 'dirty' records would be read from tables as if the option had not been applied. (Bug#31959)

When creating a System DSN using the ODBC Administrator on Mac OS X, a User DSN would be created instead. The root cause is a problem with the iODBC driver manager used on Mac OS X. The fix works around this issue.

(Bug#31495)

Calling SQLFetch or SQLFetchScroll would return negative data lengths when using SQL_C_WCHAR. (Bug#31220)

SQLSetParam() caused memory allocation errors due to driver manager's mapping of deprecated functions (buffer length -1). (Bug#29871)

Static cursor was unable to be used through ADO when dynamic cursors were enabled. (Bug#27351)

Using connection.Execute to create a record set based on a table without declaring the cmd option as adCmdTable will fail when communicating with versions of MySQL 5.0.37 and higher. The issue is related to the way that SQLSTATE is returned when ADO tries to confirm the existence of the target object. (Bug#27158)

Updating a RecordSet when the query involves a BLOB field would fail. (Bug#19065)

With some connections to MySQL databases using MySQL Connector/ODBC, the connection would mistakenly report 'user cancelled' for accesses to the database information. (Bug#16653)