Version 5.6.1¶
Released on 2024-01-29.
Note
If you are upgrading a cluster, you must be running CrateDB 4.0.2 or higher before you upgrade to 5.6.1.
We recommend that you upgrade to the latest 5.5 release before moving to 5.6.1.
A rolling upgrade from 5.5.x to 5.6.1 is supported. Before upgrading, you should back up your data.
Warning
Tables that were created before CrateDB 4.x will not function with 5.x and must be recreated before moving to 5.x.x.
You can recreate tables using COPY TO
and COPY FROM
or by
inserting the data into a new table.
Table of contents
See the Version 5.6.0 release notes for a full list of changes in the 5.6 series.
Security Fixes¶
Fixed a security issue where any CrateDB user could read/import the content of any file on the host system, the CrateDB process user has read access to, by using the
COPY FROM
command with a file URI. This access is now restricted to thecrate
superuser only. See CVE-2024-24565 for more details. (Thanks to @Tu0Laj1 for reporting this issue)
Fixes¶
Added a workaround for a change in JDK 21.0.2 which caused many operations to get stuck.
Fixed an issue that led to errors when privileges are defined for users, when performing a rolling upgrade of a cluster from a version before Version 5.6.0 to Version 5.6.0.
Fixed an issue that caused
SELECT
statements withWHERE
clause having an equality condition on a primary key to returnNULL
when selecting an object sub-column ofARRAY(OBJECT)
type.Fixed an issue that caused failure of a statement, mixing correlated subquery and sub-select. An example:
CREATE TABLE tbl(x INT); INSERT INTO tbl(x) VALUES (1); SELECT ( SELECT x FROM tbl WHERE t.x = tbl.x AND tbl.x IN (SELECT generate_series from generate_series(1, 1)) ) FROM tbl t;