Version 5.4.8

Released on 2024-01-29.

Note

If you are upgrading a cluster, you must be running CrateDB 4.0.2 or higher before you upgrade to 5.4.8.

We recommend that you upgrade to the latest 5.3 release before moving to 5.4.8.

A rolling upgrade from 5.3.x to 5.4.8 is supported. Before upgrading, you should back up your data.

Warning

Tables that were created before CrateDB 4.x will not function with 5.x and must be recreated before moving to 5.x.x.

You can recreate tables using COPY TO and COPY FROM or by inserting the data into a new table.

Table of Contents

See the Version 5.4.0 release notes for a full list of changes in the 5.4 series.

Security Fixes

  • Fixed a security issue where any CrateDB user could read/import the content of any file on the host system, the CrateDB process user has read access to, by using the COPY FROM command with a file URI. This access is now restricted to the crate superuser only. See CVE-2024-24565 for more details. (Thanks to @Tu0Laj1 for reporting this issue)