October 12, 2020
This page lists additions and changes in v20.1.7 since v20.1.6.
- For a comprehensive summary of features in v20.1, see the v20.1 GA release notes.
- To upgrade to the latest production release of CockroachDB, see this article.
A denial-of-service (DoS) vulnerability is present in CockroachDB v20.1.0 - v20.1.10 due to a bug in protobuf. This is resolved in CockroachDB v20.1.11 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.
For more information, including other affected versions, see Technical Advisory 58932.
Cockroach Labs has discovered a bug relating to incremental backups, for CockroachDB v20.1.0 - v20.1.13. If a backup coincides with an in-progress index creation (backfill), RESTORE, or IMPORT, it is possible that a subsequent incremental backup will not include all of the indexed, restored or imported data.
Users are advised to upgrade to v20.1.15 or later, which includes resolutions.
For more information, including other affected versions, see Technical Advisory 63162.
Get future release notes emailed to you:
Downloads
Docker image
$ docker pull cockroachdb/cockroach:v20.1.7
Security updates
- Fixed a case where connections to Google Cloud storage would ignore the
--external-io-disable-implicit-credentialsflag tocockroach start. #55091
General changes
- Reduced the memory overhead of rangefeeds (i.e., long-lived requests) which reduces the memory overhead for running
CHANGEFEEDs over large tables. #54632
Bug fixes
- Fixed a bug where columns used in an index which contained the columns of a foreign key as a prefix could lead to all of the index columns being set to NULL or the default value on cascade. #54543
- Fixed a bug causing servers to crash with the message "committed txn with writeTooOld". Versions below 20.1.4 are susceptible to this bug. Versions 20.1.4+ will not crash, but instead print messages to the log files. #54282
- Fixed a rare bug which can lead to index backfills failing in the face of transaction restarts. #54859
- Fixed a race condition propagating post-query metadata in the vectorized execution engine. #55168
- Fixed a bug causing nodes running version 20.1 to not be able to serve follower reads in mixed-version clusters running versions 19.2 and 20.1. #55089
- The first timing column in the trace.txt file collected as part of a statement diagnostics bundle has been fixed.
Contributors
This release includes 19 merged PRs by 8 authors.
Was this helpful?
