What's New in v20.2.3

December 14, 2020

This page lists additions and changes in v20.2.3 since v20.2.2.


A denial-of-service (DoS) vulnerability is present in CockroachDB v20.2.0 - v20.2.3 due to a bug in protobuf. This is resolved in CockroachDB v20.2.4 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.

For more information, including other affected versions, see Technical Advisory 58932.


Cockroach Labs has discovered a bug relating to incremental backups, for CockroachDB v20.2.0 - v20.2.7. If a backup coincides with an in-progress index creation (backfill), RESTORE, or IMPORT, it is possible that a subsequent incremental backup will not include all of the indexed, restored or imported data.

Users are advised to upgrade to v20.2.8 or later, which includes resolutions.

For more information, including other affected versions, see Technical Advisory 63162.

Get future release notes emailed to you:


Docker image

$ docker pull cockroachdb/cockroach:v20.2.3

SQL language changes

  • Added admin-only crdb_internal functions to enable descriptor repair in dire circumstances. #56937
  • Introduced a hint when GEOS is improperly installed to read the documented [instructions on installing CockroachDB]((../v20.2/install-cockroachdb.html) #57033
  • Added support for running IMPORT in a mixed-version cluster. #57599

API endpoint changes

  • Added a new prometheus metric called seconds_until_license_expiry that reports on the number of seconds until the enterprise license on the cluster expires and 0 if there is no license. It will return a negative number if the expiration is in the past. #56463

DB Console changes

Bug fixes

  • Eliminated opportunity for live lock in jobs subsystem due to frequent updates to already-finished jobs. #56864
  • Fixed a bug causing the LogFile reserved API, which was used by cockroach debug zip, to corrupt log entries. #56902
  • Fixed a bug introduced in the 20.2 series that could cause CockroachDB to crash due to range scans over virtual tables with virtual indexes. #56924
  • Fixed a race condition in the tpcc workload with the --scatter flag where tables could be scattered multiple times or not at all. #56978
  • Fixed a bug causing tables and metadata to be unavailable due to spurious missing fk back reference validation errors. #57083
  • Fixed a bug related to the validation of un-upgraded, pre-19.2 inbound foreign keys. #57133
  • Creating a materialized view that references a column with a NULL value no longer results in an error. #57193
  • Fixed a bug that caused an "ambiguous column reference" error during foreign key cascading updates. This error was incorrectly produced when the child table's reference column name was equal to the concatenation of the parent's reference column name and "_new", and when the child table had a CHECK constraint, a computed column, or a partial index predicate expression that referenced the column. This bug was introduced in version 20.2.0. #57234
  • Fixed a bug that could cause a crash loop in rare circumstances. #57312
  • ST_GeomFromGeoJSON now sets the SRID to 4326, matching PostGIS 3.0 / RFC7946 behavior. #57245
  • SELECT FOR UPDATE now requires both SELECT and UPDATE privileges, instead of just UPDATE privileges. #57350
  • Fixed a bug that caused errors or corrupted partial indexes of child tables in foreign key relationships with cascading UPDATEs and DELETEs. The corrupt partial indexes could result in incorrect query results. Any partial indexes on child tables of foreign key relationships with ON DELETE CASCADE or ON UPDATE CASCADE actions may be corrupt and should be dropped and re-created. This bug was introduced in version 20.2.0. #57325
  • Fixed a bug that could cause new nodes to fail to start up when upgrading to 20.2, due to a startup migration which would fail to terminate due to incorrect pagination in the presence of at least 100 running jobs. #57437
  • Fixed a bug causing an internal error when executing JSONB - String operations via the vectorized execution engine. This bug was introduced in version 20.2.0. #57388
  • Fixed an internal error that could occur when using aggregate and window functions in an ORDER BY for a UNION or VALUES clause. #57521
  • DROP TYPE and certain other statements that work over SQL scalar types now properly support type names containing special characters. #57558
  • Fixed performance regression to reading virtual tables which introspect the schema. This regression was introduced in version 20.2.0. #57574
  • Removed the system.jobs full table scan, which can be expensive with many completed jobs. #57591
  • Users can now perform a cluster restore from old backup chains (i.e., incremental backups on top of full backups), when using the BACKUP INTO syntax. #57667
  • Fixed a bug causing CockroachDB to crash when creating backup schedules writing to GCS buckets. #57651
  • Fixed a bug causing users of the OSS builds of CockroachDB to see "Page Not Found" when loading the DB Console. #56776

Performance improvements

  • Interactions between Raft heartbeats and the Raft goroutine pool scheduler are now more efficient and avoid excessive mutex contention. This was observed to prevent instability on large machines (32+ vCPU) in clusters with many ranges (50k+ per node). #57008


This release includes 46 merged PRs by 20 authors. We would like to thank the following contributors from the CockroachDB community:

  • Joshua M. Clulow (first-time contributor)
YesYes NoNo