November 20, 2020
This page lists additions and changes in v20.2.1 since v20.2.0.
- For a comprehensive summary of features in v20.2, see the v20.2 GA release notes.
- To upgrade to v20.2, see Upgrade to CockroachDB v20.2
A denial-of-service (DoS) vulnerability is present in CockroachDB v20.2.0 - v20.2.3 due to a bug in protobuf. This is resolved in CockroachDB v20.2.4 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.
For more information, including other affected versions, see Technical Advisory 58932.
Cockroach Labs has discovered a bug relating to incremental backups, for CockroachDB v20.2.0 - v20.2.7. If a backup coincides with an in-progress index creation (backfill), RESTORE, or IMPORT, it is possible that a subsequent incremental backup will not include all of the indexed, restored or imported data.
Users are advised to upgrade to v20.2.8 or later, which includes resolutions.
For more information, including other affected versions, see Technical Advisory 63162.
Get future release notes emailed to you:
Downloads
Docker image
$ docker pull cockroachdb/cockroach:v20.2.1
Bug fixes
- Fixed a crash, introduced in the v20.2 series, caused by range scans over virtual tables with virtual indexes. #56459
- Fixed a bug the occured when the Pebble storage engine was used with encryption-at-rest that could result in data corruption in some fairly rare cases after a table drop, table truncate, or replica deletion. #56678
Contributors
This release includes 3 merged PRs by 3 authors.
Yes
No