What's New in v19.2.0-rc.4

November 7, 2019


A denial-of-service (DoS) vulnerability is present in CockroachDB v19.2.0 - v19.2.11 due to a bug in protobuf. This is resolved in CockroachDB v19.2.12 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.

For more information, including other affected versions, see Technical Advisory 58932.

Get future release notes emailed to you:


Docker image

$ docker pull cockroachdb/cockroach-unstable:v19.2.0-rc.4

SQL language changes

  • CockroachDB now uses the zig-zag join algorithm only in cases where it can benefit performance. #42186
  • Added the sql.defaults.zigzag_join.enabled cluster setting, which can be used to control the default value of the enable_zigzag_join session variable and, thus, whether zig-zag joins are allowed. #42182
  • The error message generated when a transaction containing DDL is both partially committed and partially rolled back (XXAOO) now contains a link to GitHub issue #42061 where this situation is discussed further. #42090

Bug fixes

  • CockroachDB now supports GSSAPI authentication from Postgres 11.5 and 12.0 clients. #42189
  • Fixed a "cannot map variable to an indexed var" error for certain queries against partitioned tables. #42183
  • Fixed "output columnTypes unset after planning" and "inconsistent post-processing" errors for certain queries involving UNION ALL. #42184
  • Fixed an "invalid indexIdx" error for certain queries involving zig-zag joins. #42182


This release includes 6 merged PRs by 3 authors.

Yes No

Yes No