RELEASED: June 22, 2022
Security fixes
- Security vulnerabilities were fixed and backported from Jenkins (BEE-16872)
-
Refer to CloudBees Security Advisory June 22, 2022 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-18590)
-
Refer to CloudBees Security Advisory June 22, 2022 for more information.
Upgrade notes
- Encrypt JGroups HA network messages (BEE-16793)
-
-
The keystore used for encryption is automatically generated on startup, so there is a risk of multiple HA nodes trying to create the file at the same time if they are all restarted together. To avoid this, restart one of the HA nodes (any node is acceptable) and then restart the others.
-
If you are using a custom
jgroups.xmlfile, then add the following snippet to it to get message encryption:<SYM_ENCRYPT sym_algorithm="AES" keystore_name="${JENKINS_HOME}/jgroups_sym_encrypt.keystore" store_password="changeit" alias="jgroupsKey" />
-
- User Activity Monitoring Plugin database update (BEE-14611)
-
In the 2.332.3.2 release, the User Activity Monitoring Plugin was updated to use a new database. The new database is installed automatically when you upgrade to version 2.332.3.2 or later; however, historical data tracked by the plugin will not migrate to the new database. You may continue to use the User Activity Monitoring Plugin normally and user activity will be captured again, or you can migrate the data from the old database if you need historical data.
For more information about migrating the historical data, refer to Migrating historical User Activity Monitoring Plugin data.
- Migration to Java 11 will soon be required for new releases (BEE-42)
-
The Jenkins community will support the Java 11-specific features soon (Java 11 byte code) and then you cannot use a Java 8 runtime environment. Because CloudBees Jenkins Platform is based on the Jenkins LTS, future releases of CloudBees Jenkins Platform will have the same requirement.
CloudBees strongly recommends that you upgrade your CloudBees Jenkins Platform environment to run Java 11 as soon as possible. Some of the Java 11 updates may require action on your part, and there may be a specific order in which you should upgrade components in your environment. For more information, refer to Migrating to Java 11.
- Updated support for the new LTS 2.346 (BEE-16160)
-
Support was added for the new Jenkins LTS 2.346 release. The minimum required Jenkins version is now 2.303.
- When you upgrade to Java 11, you must update your Java garbage collection arguments (BEE-16018)
-
Garbage collection has been updated in Java 11. Many of the previously recommended arguments are no longer supported. When you upgrade your JDK to Java 11, you must also update your garbage collection configuration. Using unsupported Java arguments will result in startup failure.
For more information, refer to Adding Java arguments to the Jenkins service configuration file.
- Jenkins upgrade notes