Releases: exasol/oracle-virtual-schema
3.0.3 Fixed vulnerability CVE-2024-47535 in io.netty:netty-common:jar:4.1.104.Final:test
This release fixes the following vulnerability:
CVE-2024-47535 (CWE-400) in dependency io.netty:netty-common:jar:4.1.104.Final:test
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.
References
- https://ossindex.sonatype.org/vulnerability/CVE-2024-47535?component-type=maven&component-name=io.netty%2Fnetty-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-47535
- GHSA-xq3w-v528-46rv
Security
- #50: Fixed vulnerability CVE-2024-47535 in dependency
io.netty:netty-common:jar:4.1.104.Final:test
Dependency Updates
Virtual Schema for Oracle
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.1.0
to7.1.1
- Updated
com.exasol:extension-manager-integration-test-java:0.5.11
to0.5.12
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.5
to1.7.0
- Updated
com.exasol:test-db-builder-java:3.5.4
to3.6.0
- Updated
com.oracle.database.jdbc:ojdbc8:23.4.0.24.05
to23.6.0.24.10
- Added
io.netty:netty-common:4.1.115.Final
- Updated
nl.jqno.equalsverifier:equalsverifier:3.16.1
to3.17.3
- Updated
org.hamcrest:hamcrest:2.2
to3.0
- Updated
org.jacoco:org.jacoco.agent:0.8.11
to0.8.12
- Updated
org.junit.jupiter:junit-jupiter:5.10.2
to5.11.3
- Updated
org.mockito:mockito-junit-jupiter:5.11.0
to5.14.2
- Updated
org.slf4j:slf4j-jdk14:2.0.13
to2.0.16
- Updated
org.testcontainers:junit-jupiter:1.19.7
to1.20.3
- Updated
org.testcontainers:oracle-xe:1.19.7
to1.20.3
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:2.0.2
to2.0.3
- Updated
com.exasol:project-keeper-maven-plugin:4.3.0
to4.4.0
- Added
com.exasol:quality-summarizer-maven-plugin:0.2.0
- Updated
io.github.zlika:reproducible-build-maven-plugin:0.16
to0.17
- Updated
org.apache.maven.plugins:maven-dependency-plugin:3.6.1
to3.8.0
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.4.1
to3.5.0
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.2.5
to3.5.1
- Updated
org.apache.maven.plugins:maven-install-plugin:2.4
to3.1.3
- Updated
org.apache.maven.plugins:maven-jar-plugin:3.3.0
to3.4.2
- Updated
org.apache.maven.plugins:maven-resources-plugin:2.6
to3.3.1
- Updated
org.apache.maven.plugins:maven-site-plugin:3.3
to3.9.1
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.2.5
to3.5.1
- Updated
org.apache.maven.plugins:maven-toolchains-plugin:3.1.0
to3.2.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.16.2
to2.17.1
- Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922
to4.0.0.4121
Extension
Compile Dependency Updates
- Updated
@exasol/extension-manager-interface:0.4.2
to0.4.3
Development Dependency Updates
- Updated
eslint:^8.54.0
to9.14.0
- Added
@types/eslint__js:^8.42.3
- Added
@eslint/js:^9.15.0
- Updated
ts-jest:^29.1.2
to^29.2.5
- Updated
@types/jest:^29.5.12
to^29.5.14
- Added
typescript-eslint:^8.14.0
- Updated
typescript:^5.4.5
to^5.6.3
- Updated
@typescript-eslint/eslint-plugin:^7.8.0
to^8.14.1-alpha.6
- Updated
esbuild:^0.21.0
to^0.24.0
- Removed
@typescript-eslint/parser:^7.8.0
3.0.2 Improve error handling for extension
This release improves error handling when creating a new Virtual Schema using the extension: the extension now checks if a schema with the same name exists and returns a helpful error message. This check is case-insensitive because Exasol's CONNECTION
names are also case-insensitive.
Bugfix
- #45: Added extension JS file to release assets
Dependency Updates
Virtual Schema for Oracle
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:7.0.1
to7.1.0
- Updated
com.exasol:extension-manager-integration-test-java:0.5.9
to0.5.11
- Updated
com.oracle.database.jdbc:ojdbc8:23.3.0.23.09
to23.4.0.24.05
- Updated
org.slf4j:slf4j-jdk14:2.0.12
to2.0.13
Extension
Compile Dependency Updates
- Updated
@exasol/extension-manager-interface:0.4.1
to0.4.2
Development Dependency Updates
- Updated
eslint:^8.53.0
to^8.54.0
- Updated
@typescript-eslint/parser:^6.10.0
to^7.8.0
- Updated
ts-jest:^29.1.1
to^29.1.2
- Updated
@types/jest:^29.5.8
to^29.5.12
- Updated
typescript:^5.2.2
to^5.4.5
- Updated
@typescript-eslint/eslint-plugin:^6.10.0
to^7.8.0
- Updated
ts-node:^10.9.1
to^10.9.2
- Updated
esbuild:^0.19.5
to^0.21.0
3.0.1 Fix vulnerability CVE-2024-29025
This release fixes vulnerabilities by updating dependencies.
Security
- #46: Fixed vulnerability CVE-2024-29025 in test dependency
io.netty:netty-codec-http:jar:4.1.100.Final
Dependency Updates
Virtual Schema for Oracle
Test Dependency Updates
- Updated
com.exasol:extension-manager-integration-test-java:0.5.7
to0.5.9
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.4
to1.6.5
- Updated
com.exasol:test-db-builder-java:3.5.3
to3.5.4
- Updated
com.exasol:udf-debugging-java:0.6.11
to0.6.13
- Updated
nl.jqno.equalsverifier:equalsverifier:3.15.6
to3.16.1
- Updated
org.junit.jupiter:junit-jupiter:5.10.1
to5.10.2
- Updated
org.mockito:mockito-junit-jupiter:5.10.0
to5.11.0
- Updated
org.slf4j:slf4j-jdk14:2.0.11
to2.0.12
- Updated
org.testcontainers:junit-jupiter:1.19.3
to1.19.7
- Updated
org.testcontainers:oracle-xe:1.19.3
to1.19.7
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.3.1
to2.0.2
- Updated
com.exasol:project-keeper-maven-plugin:3.0.1
to4.3.0
- Updated
org.apache.maven.plugins:maven-assembly-plugin:3.6.0
to3.7.1
- Updated
org.apache.maven.plugins:maven-compiler-plugin:3.11.0
to3.13.0
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.2.3
to3.2.5
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.2.3
to3.2.5
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.5.0
to1.6.0
- Updated
org.jacoco:jacoco-maven-plugin:0.8.11
to0.8.12
- Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.10.0.2594
to3.11.0.3922
3.0.0: Char set is always `utf-8`, deprecated IMPORT_DATA_TYPES `FROM_RESULT_SET` value
Summary
The behaviour when it comes to character sets is now simplified,
The target char set is now always UTF-8.
The IMPORT_DATA_TYPES
property (and value FROM_RESULT_SET
) are now deprecated (change in vs-common-jdbc):
An exception will be thrown when users use FROM_RESULT_SET
. The exception message warns the user that the value is no longer supported and the property itself is also deprecated.
We also updated dependencies and resolved the following 2 CVEs in test dependency org.apache.commons:commons-compress
:
Features
- #42: Updated vs-common-jdbc to v12.0.0 for Exasol V8 changes + adapt tests refactoring
Security
- #43: Fixed CVE-2024-25710 in
org.apache.commons:commons-compress:jar:1.24.0:test
- #44: Fixed CVE-2024-26308 in
org.apache.commons:commons-compress:jar:1.24.0:test
Dependency Updates
Virtual Schema for Oracle
Compile Dependency Updates
- Updated
com.exasol:virtual-schema-common-jdbc:11.0.2
to12.0.0
- Removed
com.oracle.database.jdbc:ojdbc8:23.3.0.23.09
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.2
to7.0.1
- Added
com.exasol:extension-manager-integration-test-java:0.5.7
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.1
to1.6.4
- Added
com.exasol:maven-project-version-getter:1.2.0
- Updated
com.exasol:test-db-builder-java:3.5.1
to3.5.3
- Updated
com.exasol:virtual-schema-common-jdbc:11.0.2
to12.0.0
- Updated
com.exasol:virtual-schema-shared-integration-tests:2.2.5
to3.0.0
- Added
com.oracle.database.jdbc:ojdbc8:23.3.0.23.09
- Updated
nl.jqno.equalsverifier:equalsverifier:3.15.2
to3.15.6
- Updated
org.jacoco:org.jacoco.agent:0.8.10
to0.8.11
- Updated
org.junit.jupiter:junit-jupiter:5.10.0
to5.10.1
- Updated
org.mockito:mockito-junit-jupiter:5.5.0
to5.10.0
- Updated
org.slf4j:slf4j-jdk14:2.0.9
to2.0.11
- Updated
org.testcontainers:junit-jupiter:1.19.1
to1.19.3
- Updated
org.testcontainers:oracle-xe:1.19.1
to1.19.3
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.3.0
to1.3.1
- Updated
com.exasol:project-keeper-maven-plugin:2.9.12
to3.0.1
- Updated
org.apache.maven.plugins:maven-clean-plugin:2.5
to3.3.2
- Updated
org.apache.maven.plugins:maven-dependency-plugin:3.6.0
to3.6.1
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.4.0
to3.4.1
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.1.2
to3.2.3
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.1.2
to3.2.3
- Added
org.apache.maven.plugins:maven-toolchains-plugin:3.1.0
- Added
org.codehaus.mojo:exec-maven-plugin:3.1.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.16.0
to2.16.2
- Updated
org.jacoco:jacoco-maven-plugin:0.8.10
to0.8.11
- Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184
to3.10.0.2594
Extension
Compile Dependency Updates
- Added
@exasol/extension-manager-interface:0.4.1
Development Dependency Updates
- Added
eslint:^8.53.0
- Added
@typescript-eslint/parser:^6.10.0
- Added
ts-jest:^29.1.1
- Added
@types/jest:^29.5.8
- Added
typescript:^5.2.2
- Added
@typescript-eslint/eslint-plugin:^6.10.0
- Added
jest:29.7.0
- Added
ts-node:^10.9.1
- Added
esbuild:^0.19.5
2.4.2: Fix CVE-2023-42503 in test dependency
Summary
This release fixes CVE-2023-42503 in test dependency org.apache.commons:commons-compress
.
Security
- #34: Fixed CVE-2023-42503 in test dependency
org.apache.commons:commons-compress
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:virtual-schema-common-jdbc:10.5.0
to11.0.2
- Updated
com.oracle.database.jdbc:ojdbc8:21.9.0.0
to23.3.0.23.09
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.5.1
to6.6.2
- Updated
com.exasol:hamcrest-resultset-matcher:1.5.2
to1.6.1
- Updated
com.exasol:test-db-builder-java:3.4.2
to3.5.1
- Updated
com.exasol:udf-debugging-java:0.6.8
to0.6.11
- Updated
com.exasol:virtual-schema-common-jdbc:10.5.0
to11.0.2
- Updated
com.exasol:virtual-schema-shared-integration-tests:2.2.3
to2.2.5
- Updated
nl.jqno.equalsverifier:equalsverifier:3.14
to3.15.2
- Updated
org.jacoco:org.jacoco.agent:0.8.8
to0.8.10
- Updated
org.junit.jupiter:junit-jupiter:5.9.2
to5.10.0
- Updated
org.mockito:mockito-junit-jupiter:5.2.0
to5.5.0
- Updated
org.slf4j:slf4j-jdk14:2.0.6
to2.0.9
- Updated
org.testcontainers:junit-jupiter:1.17.6
to1.19.1
- Updated
org.testcontainers:oracle-xe:1.17.6
to1.19.1
Plugin Dependency Updates
- Updated
com.exasol:artifact-reference-checker-maven-plugin:0.4.0
to0.4.2
- Updated
com.exasol:error-code-crawler-maven-plugin:1.1.1
to1.3.0
- Updated
com.exasol:project-keeper-maven-plugin:2.4.6
to2.9.12
- Updated
io.github.zlika:reproducible-build-maven-plugin:0.15
to0.16
- Updated
org.apache.maven.plugins:maven-assembly-plugin:3.3.0
to3.6.0
- Updated
org.apache.maven.plugins:maven-compiler-plugin:3.10.1
to3.11.0
- Updated
org.apache.maven.plugins:maven-dependency-plugin:3.3.0
to3.6.0
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0
to3.4.0
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M5
to3.1.2
- Updated
org.apache.maven.plugins:maven-jar-plugin:3.2.2
to3.3.0
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5
to3.1.2
- Added
org.basepom.maven:duplicate-finder-maven-plugin:2.0.1
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.2.7
to1.5.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.10.0
to2.16.0
- Updated
org.jacoco:jacoco-maven-plugin:0.8.8
to0.8.10
2.4.1: Maintenance
Summary
Renamed error codes from VS-ORA
to VSORA
and updated dependencies to replace com.exasol:exasol-script-api
by udf-api-java/1.0.1
as com.exasol:exasol-script-api
had been available on discontinued maven repository maven.exasol.com
.
Please note that updated dependency virtual-schema-common-jdbc
adds support for a new adapter property MAX_TABLE_COUNT
and fixes ambiguous results by escaping SQL wildcards such as underscore _
and percent %
in names of catalogs, schemas, and tables when retrieving column metadata from JDBC driver.
Bugfixes
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:error-reporting-java:1.0.0
to1.0.1
- Updated
com.exasol:virtual-schema-common-jdbc:10.1.0
to10.5.0
- Updated
com.oracle.database.jdbc:ojdbc8:21.7.0.0
to21.9.0.0
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.4.0
to6.5.1
- Updated
com.exasol:test-db-builder-java:3.4.1
to3.4.2
- Updated
com.exasol:udf-debugging-java:0.6.5
to0.6.8
- Updated
com.exasol:virtual-schema-common-jdbc:10.1.0
to10.5.0
- Updated
com.exasol:virtual-schema-shared-integration-tests:2.2.2
to2.2.3
- Updated
nl.jqno.equalsverifier:equalsverifier:3.12.1
to3.14
- Updated
org.junit.jupiter:junit-jupiter:5.9.1
to5.9.2
- Updated
org.mockito:mockito-junit-jupiter:4.9.0
to5.2.0
- Added
org.slf4j:slf4j-jdk14:2.0.6
2.4.0: Dependency Upgrade
Summary
Enabled to use Oracle database with characters not strictly ASCII by updating dependencies and using a new version of virtual-schema-common-jdbc.
Virtual-schema-common-jdbc version 10.0.0 introduced enhanced detection for data types of result sets.
Unfortunately with the new algorithm compatibility problems with the source database can happen under the following circumstances:
- data type
CHAR
orVARCHAR
- 8-bit character sets with encodings like
latin1
orISO-8859-1
- characters being not strictly ASCII, e.g. German umlaut "Ü"
The current release therefore uses an updated version of virtual-schema-common-jdbc
with an additional adapter property to configure the data type detection.
For details please see adapter Properties for JDBC-Based Virtual Schemas.
Features
- #26: Enabled to use Oracle database with characters not strictly ASCII.
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:virtual-schema-common-jdbc:10.0.1
to10.1.0
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.2.0
to6.4.0
- Updated
com.exasol:test-db-builder-java:3.3.4
to3.4.1
- Updated
com.exasol:udf-debugging-java:0.6.4
to0.6.5
- Updated
com.exasol:virtual-schema-common-jdbc:10.0.1
to10.1.0
- Updated
nl.jqno.equalsverifier:equalsverifier:3.10.1
to3.12.1
- Updated
org.mockito:mockito-junit-jupiter:4.8.0
to4.9.0
- Updated
org.testcontainers:junit-jupiter:1.17.3
to1.17.6
- Updated
org.testcontainers:oracle-xe:1.17.3
to1.17.6
2.3.0: Enhanced Data Type Detection for Result Sets and Fixed Vulnerabilities in Dependencies
Summary
Starting with version 7.1.14 Exasol database uses the capabilities reported by each virtual schema to provide select list data types for each push down request. Based on this information the JDBC virtual schemas no longer need to infer the data types of the result set by inspecting its values. Instead the JDBC virtual schemas can now use the information provided by the database.
This release provides enhanced data type detection for result sets by updating virtual-schema-common-jdbc
to version 10.0.1.
Additionally this release fixes vulnerabilities CVE-2022-38751 and CVE-2022-38752 reported for transitive dependency snakeyaml required by
Features
- #23: Updated to VSCJDBC 10.0.1 and fixed vulnerabilities.
Dependency Updates
Compile Dependency Updates
- Updated
com.exasol:db-fundamentals-java:0.1.2
to0.1.3
- Updated
com.exasol:error-reporting-java:0.4.1
to1.0.0
- Updated
com.exasol:virtual-schema-common-jdbc:9.0.4
to10.0.1
- Updated
com.oracle.database.jdbc:ojdbc8:21.5.0.0
to21.7.0.0
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.1.1
to6.2.0
- Updated
com.exasol:hamcrest-resultset-matcher:1.5.1
to1.5.2
- Updated
com.exasol:test-db-builder-java:3.3.2
to3.3.4
- Updated
com.exasol:udf-debugging-java:0.6.2
to0.6.4
- Updated
com.exasol:virtual-schema-common-jdbc:9.0.4
to10.0.1
- Updated
com.exasol:virtual-schema-shared-integration-tests:2.2.0
to2.2.2
- Updated
nl.jqno.equalsverifier:equalsverifier:3.10
to3.10.1
- Updated
org.junit.jupiter:junit-jupiter:5.8.2
to5.9.1
- Updated
org.mockito:mockito-junit-jupiter:4.6.1
to4.8.0
- Updated
org.testcontainers:junit-jupiter:1.17.2
to1.17.3
- Updated
org.testcontainers:oracle-xe:1.17.2
to1.17.3
2.2.2: Updated dependencies and plugins
Summary
Updated dependencies, plugins, fixed broken links checker
Dependency Updates
Runtime Dependency Updates
- Added
org.glassfish:jakarta.json:2.0.1
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.0.0
to6.1.1
- Updated
com.exasol:test-db-builder-java:3.3.0
to3.3.2
- Updated
com.exasol:udf-debugging-java:0.5.0
to0.6.2
- Updated
nl.jqno.equalsverifier:equalsverifier:3.9
to3.10
- Updated
org.jacoco:org.jacoco.agent:0.8.5
to0.8.8
- Updated
org.mockito:mockito-junit-jupiter:4.3.1
to4.6.1
- Updated
org.testcontainers:junit-jupiter:1.16.3
to1.17.2
- Updated
org.testcontainers:oracle-xe:1.16.3
to1.17.2
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.1.0
to1.1.1
- Updated
com.exasol:project-keeper-maven-plugin:2.3.0
to2.4.6
- Updated
org.apache.maven.plugins:maven-compiler-plugin:3.9.0
to3.10.1
- Updated
org.apache.maven.plugins:maven-dependency-plugin:3.2.0
to3.3.0
- Updated
org.apache.maven.plugins:maven-jar-plugin:3.2.0
to3.2.2
- Updated
org.codehaus.mojo:versions-maven-plugin:2.8.1
to2.10.0
- Updated
org.jacoco:jacoco-maven-plugin:0.8.7
to0.8.8
- Updated
org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0
to3.2.0
2.2.0: Import from ora: explicit data types switch.
Features
- #14: Explicitly state types when using IMPORT_FROM_ORA: Added GENERATE_JDBC_DATATYPE_MAPPING_FOR_OCI flag to virtual schema adapter for this functionality.
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:virtual-schema-shared-integration-tests:2.1.1
to2.2.0
- Added
org.jacoco:org.jacoco.agent:0.8.5
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:0.7.1
to1.1.0
- Updated
com.exasol:project-keeper-maven-plugin:1.3.4
to2.3.0
- Updated
org.apache.maven.plugins:maven-dependency-plugin:2.8
to3.2.0
- Updated
org.apache.maven.plugins:maven-jar-plugin:3.2.2
to3.2.0
- Added
org.codehaus.mojo:flatten-maven-plugin:1.2.7
- Updated
org.codehaus.mojo:versions-maven-plugin:2.9.0
to2.8.1
- Added
org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184
- Updated
org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0
to3.1.0