Microsoft distributes Microsoft SQL Server 2008 Service Pack 3 (SP3) or Microsoft SQL Server 2008 R2 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 Service Pack 3 (SP3) or SQL Server 2008 R2 fix release.
Symptoms
Consider the following scenario:
-
You have a client application that uses Java and Microsoft JDBC Driver for SQL Server to connect to SQL Server.
-
You upgrade Oracle Java Runtime Environment (JRE) to version 6 Update 29 or a later version.
-
After you upgrade JRE, you can no longer connect to SQL Server.
In this scenario, JDBC Driver might stop responding when it is trying to open the connection. Additionally, JDBC Driver fails immediately and a call stack is generated if one of the following methods is used to encrypt connections:
-
The Encrypt property is set to True in the connection URL.
-
SQL Server is configured to force encryption.
Notes
-
You may experience this issue if you use third-party implementations of Secure Sockets Layer (SSL)/Transport Layer Security (TLS) that contain the same behavioral change as JRE version 6 Update 29 and later versions. This change in behavior fixes a specific security issue known as "BEAST." If you are unsure whether a third-party product contains an implementation of SSL/TLS that includes this change, contact the product’s vendor.
-
Any data access provider that uses the OpenSSLlibrary may also cause this issue.
Cause
This issue occurs because the SQL Server engine cannot handle login records when SSL data is split into multiple Tabular Data Stream (TDS) packets.
Resolution
Service pack information for SQL Server 2008 R2
To resolve this problem, obtain the latest service pack for SQL Server 2008 R2. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2527041 How to obtain the latest service pack for SQL Server 2008 R2
Cumulative update information
SQL Server 2008 R2 Service Pack 1
The fix for this issue was first released in Cumulative Update 6 for SQL Server 2008 R2 Service Pack 1. For more information about how to obtain this cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2679367 Cumulative Update package 6 for SQL Server 2008 R2 Service Pack 1Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 R2 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2567616 The SQL Server 2008 R2 builds that were released after SQL Server 2008 R2 Service Pack 1 was released
Cumulative update package 3 for SQL Server 2008 SP3
The fix for this issue was first released in Cumulative Update 3. For more information about how to obtain this cumulative update package for SQL Server 2008 Service Pack 3, click the following article number to view the article in the Microsoft Knowledge Base:
2648098 Cumulative update package 3 for SQL Server 2008 Service Pack 3Note Because the builds are cumulative, each new fix release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2008 Service Pack 3 fix release. We recommend that you consider applying the most recent fix release that contains this hotfix. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2629969 The SQL Server 2008 builds that were released after SQL Server 2008 Service Pack 3 was released
More Information
For more information about this issue, visit the following website:
Workaround
To work around this issue, use one of the following methods:
-
Use an earlier version of Oracle JRE than JRE version 6 Update 29.
-
Disable SSL record splitting at the JRE level.
Notes-
This method might have security implications for HTTP communications.
-
For more information about this procedure, you can contact.
-
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
This problem was first corrected in SQL Server 2008 R2 Service Pack 2.