.. _version_5.3.9:

=============
Version 5.3.9
=============

Released on 2024-01-29.

.. NOTE::

    If you are upgrading a cluster, you must be running CrateDB 4.0.2 or higher
    before you upgrade to 5.3.9.

    We recommend that you upgrade to the latest 5.3 release before moving to
    5.3.9.

    A rolling upgrade from 5.2.x to 5.3.9 is supported.
    Before upgrading, you should `back up your data`_.

.. WARNING::

    Tables that were created before CrateDB 4.x will not function with 5.x
    and must be recreated before moving to 5.x.x.

    You can recreate tables using ``COPY TO`` and ``COPY FROM`` or by
    `inserting the data into a new table`_.

.. _back up your data: https://crate.io/docs/crate/reference/en/latest/admin/snapshots.html
.. _inserting the data into a new table: https://crate.io/docs/crate/reference/en/latest/admin/system-information.html#tables-need-to-be-recreated

.. rubric:: Table of Contents

.. contents::
   :local:

See the :ref:`version_5.3.0` release notes for a full list of changes in the
5.3 series.

Security Fixes
==============

- Fixed a security issue where any CrateDB user could read/import the content of
  any file on the host system, the CrateDB process user has read access to, by
  using the ``COPY FROM`` command with a file URI. This access is now restricted
  to the ``crate`` superuser only.

