A bug might occur when a client performing a scan hits a “Partition Unavailable” during an unstable cluster (in both high availability (AP) and strong consistency (CP) modes). Previous versions of the client aborted the scan and put the connection back into the pool, which might cause unprocessed results to be sent to a different transaction (of the same client), possibly resulting in incorrect application behavior. This has been fixed by Java Clients 5.1.11 and 4.4.20, C# Clients 4.2.7 and 3.9.15, C Clients 5.2.6 and 4.6.24.
Partition scans were added in Aerospike Database 4.9. If you make use of scans, we strongly recommend that you upgrade your clients at the earliest opportunity. We will be updating this post as new patched clients are released (please watch it for notifications by email). If you do not use scans you are unaffected. If you use Aerospike Database < 4.9 you are unaffected.
Also, one client cannot affect another client. This means, for example, that an asbackup running in the background against an Aerospike Database 5.6, which is migrating due to a cluster change, and hitting this bug, cannot affect another application built on the Java client.
Upgrade Notes
Applications that work with Aerospike Database versions < 4.9 are built on clients that do not have partition scans, and which are therefore unaffected.
Java Client
- Users of the Java client < 4.4.9 are unaffected.
- Users of Java client 5.1.x should upgrade to Java client 5.1.11.
- Users of Java client 5.0.0 - 5.0.7 that do not use
Policy.priority,ScanPolicy.scanPercentorScanPolicy.failOnClusterChange, can safely upgrade to Java client 5.1.11. - Users of Java client 4.4.9 - 4.4.18 should upgrade to Java client 4.4.20.
C Client
- Users of the C client < 4.6.14 are unaffected.
- Users of C client 5.2.x should upgrade to C client 5.2.6.
- Users of C client 5.1.0 - 5.1.1 that do not use
as_scan.priority,as_scan.percent,as_policy_scan.fail_on_cluster_change, don’t rely on sending a password hash when using authentication, can safely upgrade to C client 5.2.6. - Users of C client 4.6.14 - 4.6.23 should upgrade to C client 4.6.24.
C# Client
- Users of the C# client < 3.9.4 are unaffected.
- Users of C# client 4.2.x should upgrade to C# client 4.2.7.
- Users of C# client 4.0.0 - 4.1.6 that do not use
Policy.priority,ScanPolicy.scanPercentandScanPolicy.failOnClusterChange, can safely upgrade to C# client 4.2.7. - Users of C# client 3.9.4 - 3.9.14 should upgrade to C# client 3.9.15.
Python Client
- Users of the Python client < 4.0.0 are unaffected.
- Users of Python client 6.0.0 should upgrade to Python client 6.1.0.
- Users of Python client 5.0.0 that do not use the Scan options
priority,percent, and Scan policyfail_on_cluster_change, and are on Python 3.6+, can safely upgrade to Python client 6.1.0.
Node.js Client
- Users of the Node.js client < 3.16.0 are unaffected.
- Users of Node.js client 3.16 should upgrade to Node.js client 3.16.7
REST Client
- Users of the REST client < 1.3.0 are unaffected.
- Users of REST client 1.7.0 - 1.10.3 should upgrade to REST client 1.10.4.
- Users of REST client 1.3.0 - 1.6.4 using Aerospike Database version >= 4.9 can safely upgrade to REST client 1.10.4.
Unaffected Clients
Our initial assessment is that the following clients are unaffected.
Go Client
- Users of the Go client < 4.2.0 are unaffected.
- Users of Go client 5.x should upgrade to Go client 5.10.0.
- Users of Go client 6.x should upgrade to Go client 6.4.0.
Ruby Client
Partition scanning hasn’t been added yet to the client.
Rust Client
Partition scanning hasn’t been added yet to the client.
PHP Client
Partition scanning hasn’t been added yet to the client.