Changed functionality in Db2 11.5.9
Changed functionality typically involves changes in default values or an outcome different from what would have occurred in previous releases. For example, an SQL statement used in a previous release might produce different results in Db2 11.5.9
- Db2 Distributed (on-premises)
- Db2 Warehouse on Cloud
Maintaining application compatibility across releases is a key priority. However, some behavior has to change to take advantage of new functionality in the current release.
The following table lists changed functionality in Db2 11.5.9:
Changed registry and environment variables
| Affected command or database object | Changed behavior |
|---|---|
| The DB2_LOAD_RESTRICTED_IO_PATH miscellaneous variable is now available for IMPORT and EXPORT operations with the ADMIN_CMD procedure. | With the release of Db2
11.5.9,
Db2 database administrators can now restrict use of the ADMIN_CMD IMPORT and
EXPORT features
to predefined paths, by using the DB2_LOAD_RESTRICTED_IO_PATH miscellaneous variable. For example, if the DB2_LOAD_RESTRICTED_IO_PATH option is enabled, the ADMIN_CMD(IMPORT) file path for FROM
filename, and the path(s) for LOBS FROM lob-path and XML FROM
xml-path must all exist within the restricted paths. Also, the ADMIN_CMD(EXPORT) file path
for TO filename, and the path(s) for LOBS TO lob-path and
XML TO xml-path must all exist within the restricted paths. |
Changed database configuration parameters and driver properties
| Affected command or database object | Changed behavior |
|---|---|
| New default setting for the IBM Data Server Driver for JDBC and SQLJ securityMechanism configuration keyword and property. |
With the release of Db2 11.5.9, the default security mechanism of the IBM Data Server Driver for JDBC and SQLJ is ENCRYPTED_USER_AND_PASSWORD_SECURITY. Before version 11.5.9 of the IBM Data Server Driver for JDBC and SQLJ, the default security mechanism is CLEAR_TEXT_PASSWORD_SECURITY. If the data server does not support CLEAR_TEXT_PASSWORD_SECURITY, but supports ENCRYPTED_USER_AND_PASSWORD_SECURITY, the driver changes the security mechanism to ENCRYPTED_USER_AND_PASSWORD_SECURITY and attempts to connect to the data server. Any other mismatch in security mechanism support between the requester and the data server results in an error. For more information, see securityMechanism IBM data server driver configuration keyword (for the IBM Data Server Driver for JDBC and SQLJ) |
Changed encrypted communication functionality
| Affected command or database object | Changed behavior |
|---|---|
| Transport Layer Protocol (TLS) 1.2 is now the default TLS version in Db2. | With the release of Db2
11.5.9,
TLS 1.2 is now the default TLS version when TLS is used to encrypt communication. TLS 1.0 and 1.1
are no longer enabled by default. To re-enable support for older TLS versions, refer to the
following knowledge centre topics:
Ensure support for TLS 1.2 is available in all federated data sources before upgrading to
11.5.9.
For the LDAP database directory and federation web services wrappers, refer to DB2_ENABLE_LEGACY_TLS_DEFAULTS Note: TLS 1.1 and 1.0 are deprecated, so it is
not recommended to re-enable these versions unless absolutely necessary.
|