.. _version_5.2.11:

==============
Version 5.2.11
==============

Released on 2023-12-21.

.. NOTE::

    If you are upgrading a cluster, you must be running CrateDB 4.0.2 or higher
    before you upgrade to 5.2.11.

    We recommend that you upgrade to the latest 5.1 release before moving to
    5.2.11.

    A rolling upgrade from 5.1.x to 5.2.11 is supported.
    Before upgrading, you should `back up your data`_.

.. WARNING::

    Tables that were created before CrateDB 4.x will not function with 5.x
    and must be recreated before moving to 5.x.x.

    You can recreate tables using ``COPY TO`` and ``COPY FROM`` or by
    `inserting the data into a new table`_.

.. _back up your data: https://crate.io/docs/crate/reference/en/latest/admin/snapshots.html
.. _inserting the data into a new table: https://crate.io/docs/crate/reference/en/latest/admin/system-information.html#tables-need-to-be-recreated



.. rubric:: Table of Contents

.. contents::
   :local:

See the :ref:`version_5.2.0` release notes for a full list of changes in the
5.2 series.

Security Fixes
==============

- The HTTP transport will not trust any ``X-Real-IP`` header by default anymore.
  This prevents a client from spoofing its IP address by setting these headers
  and thus bypassing IP based authentication with is enabled by default for the
  ``crate`` superuser.
  To keep allowing the ``X-Real-IP`` header to be trusted, you have to
  explicitly enable it via the
  :ref:`auth.trust.http_support_x_real_ip <auth.trust.http_support_x_real_ip>`
  node setting.
