October 26, 2020
A denial-of-service (DoS) vulnerability is present in CockroachDB v20.2.0 - v20.2.3 due to a bug in protobuf. This is resolved in CockroachDB v20.2.4 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.
For more information, including other affected versions, see Technical Advisory 58932.
Get future release notes emailed to you:
$ docker pull cockroachdb/cockroach-unstable:v20.2.0-rc.3
DB Console changes
- Added the Transactions and Transactions Details pages. These pages allow for viewing stats at the transaction level. #55717
- Previously, we used the
HTTPS_PROXYvariable for the "join RPC" when adding a node to the cluster (the RPC prevents new clusters from starting or adding nodes to an existing cluster). The proxy needed to be configured to transparently pass HTTP/2+GRPC inter-node traffic. This was an unintentional addition, and this patch ignores the proxies for all intra-node traffic. They were already ignored in releases prior to v20.2 testing releases. #55504
- Previously, the filenames for generated goroutine, CPU, and memory profiles were sometimes incorrect, which resulted in repeated warnings like
strconv.ParseUint: parsing "txt": invalid syntaxin log files. This has been corrected. #55366
- Fixed a bug that could occur for spatial queries involving a join between two spatial columns, when there was an additional filter on one of the spatial columns, and that column also had an inverted index defined. This bug could cause incorrect results to be returned, in which some rows were omitted from the output when they should have been included. #55673
INSERTinto a table with a foreign key reference to a table with a partial index no longer causes an error. #55703
- Foreign keys can no longer reference columns that are only indexed by a partial unique index. A partial unique index does not guarantee uniqueness in the entire table; therefore, the column indexed is not guaranteed to be a unique key. #55703
- Previously, cluster backups taken from before v20.2 could not be restored in v20.2 clusters, and would result in an error message about failing to restore a system table. This is now fixed. #55719
- Previously, changing the parent database and schema of a table using
RENAMEwas seemingly permitted but would lead to corruption of the table metadata. Now, an error is returned when attempting to rename a table to a different database— except in the case where both the source and target schemas are the
publicschema in each database, which continues to be supported. #55723
- Fixed a crash that would occur when performing a
SHOW BACKUPagainst a backup that contains a table that references a type in another database. This state was only reachable in v20.2 testing releases. #55786
- Tables can no longer be moved to a different database using the
ALTER TABLE ... RENAME TOstatement if they have columns using user-defined types (i.e.,
This release includes 14 merged PRs by 14 authors.