<html lang="en">
<title>Release Notes for Apache Derby 10.12.0.0</title>
<body>
<h1>
<a name="Release Notes for Apache Derby 10.12.0.0"></a>Release Notes for Apache Derby 10.12.0.0</h1>
<div>
<p>These notes describe the difference between Apache Derby release 10.12.0.0 and the preceding release 10.11.1.1.</p>
</div>
<ul>
<li>
<a href="#Overview">Overview</a>
</li>
<li>
<a href="#New Features">New Features</a>
</li>
<li>
<a href="#Bug Fixes">Bug Fixes</a>
</li>
<li>
<a href="#Issues">Issues</a>
</li>
<li>
<a href="#Build Environment">Build Environment</a>
</li>
<li>
<a href="#Verifying Releases">Verifying Releases</a>
</li>
</ul>
<h2>
<a name="Overview"></a>Overview</h2>
<div>
<p>
The most up to date information about Derby releases can be found on the
<a href="http://db.apache.org/derby/derby_downloads.html">Derby download page</a>.
</p>
<p>
Apache Derby is a pure Java relational database engine using standard SQL and
JDBC as its APIs. More information about Derby can be found on the
<a href="http://db.apache.org/derby/">Apache web site</a>.
Derby functionality includes:
</p>
<ul>
<li>Embedded engine with JDBC drivers</li>
<li>Network Server</li>
<li>Network client JDBC drivers</li>
<li>Command line tools: ij (SQL scripting), dblook (schema dump) and sysinfo (system info)</li>
</ul>
<p>
Support for Java SE 6 and Java SE 7 is being sunsetted. The 10.13 release family will not support those platforms. The 10.12 release family supports the following Java and JDBC versions:
</p>
<ul>
<li>Java SE 6 and higher with JDBC 4.0, 4.1, and 4.2.</li>
<li>Java SE 8 compact profile 2.</li>
</ul>
</div>
<h2>
<a name="New Features"></a>New Features</h2>
<div>
<p>
This is a feature release. The following new features were added:
</p>
<ul>
<li>
<b>ALTER TABLE and identity columns</b> - The ALTER TABLE command can be used to add identity columns now. See the section on this statement in the Derby Reference Manual.</li>
<li>
<b>Cache-monitoring MBean</b> - An MBean has been added for monitoring internal Derby caches. See the description of <i>CacheManagerMBean</i> in the "Introduction to the Derby MBeans" section of the Derby Server and Administration Guide.</li>
<li>
<b>Optional Tool for Handling JSON Data</b> - An optional tool has been added for packing query results into JSON documents and for unpacking JSON documents into tabular result sets. See the section on the <i>simpleJson</i> optional tool in the Derby Tools and Utilities Guide.</li>
<li>
<b>Statistics aggregates</b> - SQL Standard VAR_POP(), VAR_SAMP(), STDDEV_POP(), and STDDEV_SAMP() aggregates have been added. See the "Aggregates (set functions)" section in the Derby Reference Manual.</li>
</ul>
</div>
<h2>
<a name="Bug Fixes"></a>Bug Fixes</h2>
<div>
<p>The following issues are addressed by Derby release 10.12.0.0. These issues are not addressed in the preceding 10.11.1.1 release.</p>
<table border="2">
<tr>
<th>
<div style="width:110px;">Issue Id</div>
</th><th>Description</th>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6829">DERBY-6829</a></td><td>Document the simpleJson optional tool and the SimpleJsonVTI.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6825">DERBY-6825</a></td><td>Add basic JSON support to Derby.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6824">DERBY-6824</a></td><td>Move ShutdownException into shared code area</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6820">DERBY-6820</a></td><td>Improve error handling in XmlVTI</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6807">DERBY-6807</a></td><td>XXE attack possible by using XmlVTI and the XML datatype</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6801">DERBY-6801</a></td><td>Implement MessageUtils class so client and server can share message argument encoding/decoding</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6800">DERBY-6800</a></td><td>Implement DerbySQLIntegrityConstraintViolationException class</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6783">DERBY-6783</a></td><td>WHEN clause in CREATE TRIGGER for UPDATE is not working for the sql script below</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6774">DERBY-6774</a></td><td>background post commit threads cause ASSERTS/errors on interaction with alter table add column</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6769">DERBY-6769</a></td><td>sane.derbyTesting.jar.lastcontents can be "out of date" but no build error results</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6768">DERBY-6768</a></td><td>List the enabled protocols in derby.log for network server configuration</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6753">DERBY-6753</a></td><td>Docs for IDENTITY_VAL_LOCAL needs to be updated to indicate that the return value will be impacted by single row UPDATE of identity column</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6751">DERBY-6751</a></td><td>Prevent user code from getting the LanguageConnectionContext from an EmbedConnection</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6748">DERBY-6748</a></td><td>Localize messages introduced or changed in 10.11.1</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6744">DERBY-6744</a></td><td>Update the documentation of security policy files to include the new usederbyinternals SystemPermission</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6742">DERBY-6742</a></td><td>For update statement, collect generated keys if Statement.RETURN_GENERATED_KEYS flag is supplied to the JDBC call.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6741">DERBY-6741</a></td><td>User code can get the ContextManager from an EmbedConnection</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6737">DERBY-6737</a></td><td>CLOB retrieve exceptions after moving cursor around</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6733">DERBY-6733</a></td><td>Implement an MBean for monitoring caches</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6730">DERBY-6730</a></td><td>Cannot create a Lucene index if a key column's name is case-sensitive</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6724">DERBY-6724</a></td><td>NPE if insert statement needs recompilation after having fired a trigger</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6722">DERBY-6722</a></td><td>GenericStatementContext.cleanupOnError() needs protection from later errors during statement cleanup</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6720">DERBY-6720</a></td><td>Add derbyoptionaltools.jar to the maven artifacts we publish</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6719">DERBY-6719</a></td><td>Add derbyoptionaltools.jar to the class paths of the scripts in the bin directory</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6717">DERBY-6717</a></td><td>Policies with multiple SystemPermissions are not handled well</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6714">DERBY-6714</a></td><td>RuntimeInfoTest failed with insufficient data from server</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6705">DERBY-6705</a></td><td>Triggers should not allow MERGE statements that reference temporary tables</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6703">DERBY-6703</a></td><td>MERGE statement fails with NullPointerException if ON clause references non-existent column</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6662">DERBY-6662</a></td><td>DatabaseMetaData.usesLocalFiles() returns true for in-memory databases</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6654">DERBY-6654</a></td><td>Require that generated code live in the org.apache.derby.exe package.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6648">DERBY-6648</a></td><td>Application code should not be able to call ContextService.getContextOrNull()</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6636">DERBY-6636</a></td><td>The public api of BaseDataFileFactory may allow blackhats to assume elevated privileges.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6635">DERBY-6635</a></td><td>OptimizerTracer.unloadTool() could be used to write garbage over Derby data files.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6632">DERBY-6632</a></td><td>Applications may be able to use StorageFactoryService to delete Derby databases and overwrite service.properties.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6631">DERBY-6631</a></td><td>FileMonitor can be used to elevate an application's privileges</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6630">DERBY-6630</a></td><td>Applications can use JCECipherFactory to elevate their privileges to those granted to Derby</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6619">DERBY-6619</a></td><td>After silently swallowing SecurityExceptions, Derby can leak class loaders</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6617">DERBY-6617</a></td><td>Silently swallowed SecurityExceptions may disable Derby features, including security features.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6592">DERBY-6592</a></td><td>Update the version of ant which we tell new developers to use.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6569">DERBY-6569</a></td><td>NULLIF may return incorrect results if first operand calls non-deterministic function</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6475">DERBY-6475</a></td><td>Update documentation for SYSTRIGGERS after DERBY-5866 changes</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-6414">DERBY-6414</a></td><td>Incorrect handling when using an UPDATE to SET an identity column to DEFAULT</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-5466">DERBY-5466</a></td><td>Add support for SQL Standard statistics functions, such as STDDEV_POP, STDDEV_SAMP, VAR_POP, VAR_SAMP</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-5165">DERBY-5165</a></td><td>Prepared XA transaction locks are not kept across DB restart</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-4057">DERBY-4057</a></td><td>Space is not reclaimed if transaction is rolled back</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-3888">DERBY-3888</a></td><td>ALTER TABLE ... ADD COLUMN cannot add identity columns</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-3195">DERBY-3195</a></td><td>Describe if default security manager &amp; policy is installed or not on each of the mechanisms to start the network server.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-3005">DERBY-3005</a></td><td>Document possibility to specify method signature in EXTERNAL NAME when creating a procedure/function</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-2238">DERBY-2238</a></td><td>Example of ScalarSubquery in Derby Reference Manual is not ScalarSubquery</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-2051">DERBY-2051</a></td><td>CachedItem's comments and code are inconsistent wrt. synchronization</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-691">DERBY-691</a></td><td>committed deleted row space reclamation may be missed if delete is actually an aborted insert.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/DERBY-600">DERBY-600</a></td><td>Document that DB is booted in read-only mode if not able to create db.lck file</td>
</tr>
</table>
</div>
<h2>
<a name="Issues"></a>Issues</h2>
<div>
<p>Compared with the previous release (10.11.1.1), Derby release 10.12.0.0 introduces the following new features and incompatibilities. These merit your special attention.</p>
<ul>
<li>
<a href="#Note for DERBY-6807"><span>Note for DERBY-6807:
XML parsing is now performed more securely.
</span></a>
</li>
<li>
<a href="#Note for DERBY-6648"><span>Note for DERBY-6648:
Security policy files must grant a new permission to derby.jar,
derbynet.jar, and derbyoptionaltools.jar.
</span></a>
</li>
<li>
<a href="#Note for DERBY-6414"><span>Note for DERBY-6414:
UPDATE statements now accept DEFAULT as a valid value for identity columns.
</span></a>
</li>
</ul>
<hr>
<h3>
<a name="Note for DERBY-6807"></a>Note for DERBY-6807</h3>
<div>
<h4>Summary of Change</h4>
<p>
XML parsing is now performed more securely.
</p>
<h4>Symptoms Seen by Applications Affected by Change</h4>
<p>
If no Java Security Manager was in place, Derby applications were vulnerable
to XML External Entity Expansion attacks (XXE attacks). Such attacks could
result in disclosure of sensitive information that the application's user
should not have been allowed to view.
</p>
<p>
If a Derby application used the XmlVTI to parse XML documents, that application
was also vulnerable if not protected by a Security Manager policy.
</p>
<h4>Incompatibilities with Previous Release</h4>
<p>
Applications which depended on the ability to have Derby's XML parser expand
external entities may now be unable to use that functionality unless they
correctly deploy a Java Security Manager policy authorizing the filesystem
access performed by the entity expansion.
</p>
<h4>Rationale for Change</h4>
<p>
This change was made to prevent any unauthorized information disclosure by
the XML parser.
</p>
<h4>Application Changes Required</h4>
<p>
For detailed information on configuring Derby with a Java Security Manager
policy, please see <a href="http://db.apache.org/derby/docs/10.11/security/">
the Derby Security Guide</a>.
</p>
</div>
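<p>An added example, not part of the original release notes and not Derby's own code: the same kind of restriction applied to an application's own JAXP parsing, comparing an unhardened and a hardened <code>DocumentBuilderFactory</code> on a constructed document whose external entity points at a temporary file. The class name, the temporary file and its contents are assumptions of the example, and it assumes the JDK's built-in JAXP parser, which recognizes the feature URIs used.</p>

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

// Hypothetical demo class (not Derby code).
public class XxeHardeningDemo {

    /** Factory exactly as JAXP hands it out, with no hardening applied. */
    static DocumentBuilderFactory unhardenedFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    /** Factory that refuses DOCTYPE declarations and external entity resolution. */
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Rejecting any DOCTYPE removes the place where entities are declared.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth in case DOCTYPEs must be re-enabled later.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    /** Parses the document; returns the root element's text or the rejection reason. */
    static String parse(DocumentBuilderFactory f, String xml) throws Exception {
        try {
            Document d = f.newDocumentBuilder()
                    .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
            return "parsed: " + d.getDocumentElement().getTextContent();
        } catch (SAXException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a file the document's author should not be able to read.
        Path secret = Files.createTempFile("xxe-demo", ".txt");
        Files.write(secret, "constructed-secret".getBytes(StandardCharsets.UTF_8));
        try {
            // Constructed test document: an external entity that points at the temp file.
            String xml = "<?xml version=\"1.0\"?>\n"
                    + "<!DOCTYPE r [ <!ENTITY ext SYSTEM \"" + secret.toUri() + "\"> ]>\n"
                    + "<r>&ext;</r>";
            System.out.println("unhardened -> " + parse(unhardenedFactory(), xml));
            System.out.println("hardened   -> " + parse(hardenedFactory(), xml));
            // A document without a DOCTYPE is still accepted by the hardened factory.
            System.out.println("plain      -> " + parse(hardenedFactory(), "<r>ok</r>"));
        } finally {
            Files.delete(secret);
        }
    }
}
```

<p>If the first line of output contains the temporary file's contents, the unhardened parser on that runtime expands external entities, which is the information-disclosure path this note describes.</p>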
<hr>
<h3>
<a name="Note for DERBY-6648"></a>Note for DERBY-6648</h3>
<div>
<h4>Summary of Change</h4>
<p>
Security policy files must grant a new permission to derby.jar,
derbynet.jar, and derbyoptionaltools.jar.
</p>
<h4>Symptoms Seen by Applications Affected by Change</h4>
<p>
Unless this new permission is granted, databases won't boot, the
network server won't come up, and the Lucene plugin won't be usable.
If Derby runs under a SecurityManager whose policy file doesn't include
this new permission, then users will see the following error when booting
databases and servers and when using the Lucene plugin:
</p>
<pre>
java.security.AccessControlException: access denied org.apache.derby.security.SystemPermission( "engine", "usederbyinternals" )
</pre>
<h4>Incompatibilities with Previous Release</h4>
<p>
When Derby is run under a Security Manager, databases and servers
won't boot and the Lucene plugin won't be usable unless a new permission is added to the
security policy.
</p>
<h4>Rationale for Change</h4>
<p>
Additional security has been added to Derby. When running under a
Security Manager, embedding applications and database
routines can no longer access certain sensitive internal structures.
</p>
<h4>Application Changes Required</h4>
<p>
Users who run Derby under a SecurityManager must edit the policy file
and grant the following additional permission to derby.jar,
derbynet.jar, and derbyoptionaltools.jar:
</p>
<pre>
permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
</pre>
</div>
<hr>
<h3>
<a name="Note for DERBY-6414"></a>Note for DERBY-6414</h3>
<div>
<h4>Summary of Change</h4>
<p>
UPDATE statements now accept DEFAULT as a valid value for identity columns.
</p>
<h4>Symptoms Seen by Applications Affected by Change</h4>
<p>
In previous releases of Derby, the following UPDATE statements would
raise exceptions:
</p>
<pre>
create table t1( a int generated always as identity, b int );
insert into t1( a, b ) values ( default, 100 );
update t1 set a = default;
ERROR 42Z23: Attempt to modify an identity column 'A'.
create table t2( a int generated by default as identity, b int );
insert into t2( a, b ) values ( default, 100 );
update t2 set a = default;
ERROR 23502: Column 'A' cannot accept a NULL value.
</pre>
<p>
The fix for DERBY-6414 makes the above two UPDATE statements work. Now
those statements update the identity columns with their next generated values.
</p>
<h4>Rationale for Change</h4>
<p>
The new behavior conforms to the SQL Standard.
</p>
<h4>Application Changes Required</h4>
<p>
Applications no longer need to look for exceptions 42Z23 and 23502 when updating identity columns.
</p>
</div>
</div>
<h2>
<a name="Build Environment"></a>Build Environment</h2>
<div>
<p>Derby release 10.12.0.0 was built using the following environment:</p>
<ul>
<li>
<b>Branch</b> - Source code came from the 10.12 branch.</li>
<li>
<b>Machine</b> - Mac OSX 10.7.5.</li>
<li>
<b>Ant</b> - Apache Ant(TM) version 1.9.2 compiled on July 8 2013.</li>
<li>
<b>Compiler</b> - All classes were compiled by the javac from the 1.8.0-b132 JDK, Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode).</li>
<li>
<b>JSR 169</b> - Support for JSR 169 has been deprecated.</li>
</ul>
</div>
<h2>
<a name="Verifying Releases"></a>Verifying Releases</h2>
<div>
<p>It is essential that you verify the integrity of the downloaded
files using the PGP signatures and MD5 checksums. MD5 verification ensures the
file was not corrupted during the download process. PGP verification
ensures that the file came from a certain person.</p>
<p>The PGP signatures can be verified using
<a href="http://www.pgpi.org/">PGP</a> or
<a href="http://www.gnupg.org/">GPG</a>.
First download the Apache Derby
<a href="http://svn.apache.org/repos/asf/db/derby/code/trunk/KEYS">KEYS</a>
as well as the <code>asc</code> signature file for the particular
distribution. It is important that you get these files from the ultimate
trusted source - the main ASF distribution site, rather than from a mirror.
Then verify the signatures using ...</p>
<pre>
% pgpk -a KEYS
% pgpv db-derby-X.Y.tar.gz.asc
<em>or</em>
% pgp -ka KEYS
% pgp db-derby-X.Y.tar.gz.asc
<em>or</em>
% gpg --import KEYS
% gpg --verify db-derby-X.Y.tar.gz.asc
</pre>
<p>To verify the MD5 checksum of the files, you need to use a program
called <code>md5</code> or <code>md5sum</code>, which is
included in many unix distributions. It is also available as part of
<a href="http://www.gnu.org/software/textutils/textutils.html">GNU
Textutils</a>. Windows users can get binary md5 programs from <a href="http://www.fourmilab.ch/md5/">here</a>, <a href="http://www.pc-tools.net/win32/freeware/console/">here</a>, or
<a href="http://www.slavasoft.com/fsum/">here</a>.</p>
<p>We strongly recommend that you verify your downloads with both PGP and MD5.</p>
</div>
</body>
</html>