.. _version_5.7.2:

=============
Version 5.7.2
=============

Released on 2024-06-12.

.. NOTE::
    If you are upgrading a cluster, you must be running CrateDB 4.0.2 or higher
    before you upgrade to 5.7.2.

    We recommend that you upgrade to the latest 5.6 release before moving to
    5.7.2.

    A rolling upgrade from 5.6.x to 5.7.2 is supported.

    Before upgrading, you should `back up your data`_.

.. WARNING::

    Tables that were created before CrateDB 4.x will not function with 5.x
    and must be recreated before moving to 5.x.x.

    You can recreate tables using ``COPY TO`` and ``COPY FROM`` or by
    `inserting the data into a new table`_.

.. _back up your data: https://crate.io/docs/crate/reference/en/latest/admin/snapshots.html

.. _inserting the data into a new table: https://crate.io/docs/crate/reference/en/latest/admin/system-information.html#tables-need-to-be-recreated

.. rubric:: Table of contents

.. contents::
   :local:

See the :ref:`version_5.7.0` release notes for a full list of changes in the
5.7 series.

Security Fixes
==============

- Disabled client-initiated renegotiation for TLS by default.
  This helps prevent Denial of Service (DoS) attacks.

Fixes
=====

- Fixed an issue that prevented users with :ref:`DDL <privilege_types>`
  privileges on table to execute
  :ref:`ALTER TABLE t REROUTE... <ddl_reroute_shards>` statements.

- Fixed an issue that could lead to requests getting stuck when trying to
  download a blob via HTTPS.

- Fixed an issue leading to slow query processing during the analysis phase,
  when the ``WHERE``` clause of a query contains columns of a
  :ref:`PRIMARY KEY <constraints-primary-key>` and combines them using complex
  logical expressions, e.g.::

      SELECT * FROM t WHERE pk_col1 = ? AND pk_col2 = ? OR
                            pk_col1 = ? AND pk_col2 = ? OR
                            ...

- Fixed an issue leading to a ``UnsupportedFeatureException`` when using a
  correlated sub-query in a case function as part of a select statement where
  some of its outputs weren't used in the outer-query.

- Fixed an issue leading to a ``ArrayIndexOutOfBoundsException``  instead of a
  user friendly error message when the ``WHERE``` clause of a query contains
  all columns of a :ref:`PRIMARY KEY <constraints-primary-key>`, uses
  parameters for them, and binds less actual values than the required, e.g.::

      SELECT * FROM t WHERE pk_col1 = ? AND pk_col2 = ? AND pk_col3 = ?

  and less than 3 values are provided.

- Added memory accounting for multi-phase execution to prevent out-of-memory
  errors caused by sub-queries such as ''SELECT * FROM t1 WHERE id IN
  (SELECT id FROM t2)'' or lookup-joins with large intermediate results.

- Fixed an issue that caused ``WHERE`` clause to fail to filter rows when
  the clause contained ``CONCAT``, ``CURRENT_SETTING``,
  ``PG_GET_FUNCTION_RESULT``, or ``PG_ENCODING_TO_CHAR`` scalar functions under
  ``NOT`` operator.

- Fixed an issue leading to restoring data into wrong tables when restoring a
  snapshot with partitioned tables using one of the renaming parameters
  ``schema_rename_pattern``, ``schema_rename_replacement``,
  ``table_rename_pattern`` or ``table_rename_replacement``. Renamed table was
  created but used to be empty.

- Fixed an issue that prevented users with ``DQL`` privilege on a view to be
  able to query the view when foreign tables are referenced by the view.

- Fixed an issue leading to a ``ArrayIndexOutOfBoundsException`` when using a
  correlated sub-query where some of its outputs weren't used in a parent
  query.

- Fixed an issue that could lead to out-of-memory errors when executing
  ``lead`` or ``lag`` window functions on a large table.

- Fixed an issue that could lead to errors when loading data from geo_point
  fields inside nested arrays.

- Fixed an issue that caused ``SQLParseException`` when the results returned
  from foreign tables could not be casted to CrateDB specific data types.

- Fixed an issue that allowed dropped users to run queries if active user was
  set by ``SET SESSION AUTHORIZATION`` and then dropped.

- Fixed an issue leading to authentication errors when
  :ref:`Host-Based Authentication <admin_hba>` was enabled and had entries
  matching multiple authentication methods simultaneously, e.g.::

    auth.host_based.config.1.method=password
    auth.host_based.config.2.method=jwt
    auth.host_based.config.2.protocol=http

  This example configuration were rejecting authentication via JWT as only
  the first entry was checked.
