What's New in v20.2.0-rc.2

Cockroach Labs will stop providing Assistance Support for this version on May 10, 2022. Prior to that date, upgrade to a more recent version to continue receiving support. For more details, see the Release Support Policy.

October 20, 2020


A denial-of-service (DoS) vulnerability is present in CockroachDB v20.2.0 - v20.2.3 due to a bug in protobuf. This is resolved in CockroachDB v20.2.4 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.

For more information, including other affected versions, see Technical Advisory 58932.

Get future release notes emailed to you:


Docker image

$ docker pull cockroachdb/cockroach-unstable:v20.2.0-rc.2

Backward-incompatible changes

  • The Docker image is now based on RedHat's ubi8/ubi-minimal image (instead of ubi8/ubi). This image is smaller. #55519

Bug fixes

  • Prevented a crash in pre-release v20.2 binaries in plans that use the new virtual table lookup join feature. #55321
  • CockroachDB now returns an appropriate error when attempting to partition by an ENUM column instead of crashing. #55357
  • Fixed an issue where DB Console screens were not working properly when the user was logged in with a username containing uppercase or non-normalized unicode characters. #55384
  • The OIDC-based UI process now respects the LOGIN role option. #55384
  • Added the hostname command to the Docker image so the image can be used with the CockroachDB Helm chart and cockroach-operator. #55390
  • Fixed a bug that caused incorrect query results on tables with partial indexes. This bug did not affect any queries involving tables without partial indexes. #55394
  • Previously, observer statements (e.g., SHOW SYNTAX) and PREPARE statements would display a negative execution time on the client. This is now fixed. #55431
  • The CREATE USER statement without explicit NOLOGIN option implicitly grants LOGIN, and so requires the CREATELOGIN privilege. This was not checked properly, and is now enforced. This bug was introduced earlier in the v20.2 development cycle. #55369
  • The information_schema.tables metadata table no longer ignores tables from other schemas when searching based on table name. #55522


This release includes 11 merged PRs by 9 authors.

YesYes NoNo