CloudBees Jenkins Platform

2 minute read

RELEASED: Public: 2017-11-08

Based on Jenkins LTS2.73.3-cb-1

Rolling release Security release

Security advisory

Security advisory * Security Advisory 2017-11-08

+ Fixes the security issues described in the advisory.

New features

  • Added apache-httpcomponents-client-4-api version 4.5.3-2.0

  • Added blueocean-bitbucket-pipeline version 1.3.0

  • Added blueocean-jira version 1.3.0

  • Release Notes

    Added CloudBees Blue Ocean Default Theme version 0.3

  • Added cloudbees-jenkins-advisor version 1.2

  • Added htmlpublisher version 1.14

  • Added jira version 2.4.2

  • Added jsch version

Resolved issues


Known issues

  • CloudBees Internal Ticket: CJP-7003

    When using Operations Center SSO, user scoped credentials created by the Blue Ocean Pipeline Creation Wizard gets deleted upon re-authentication. The workaround is to manually re enter the git/github credentials on the Client Master, either globally or at the folder level.

  • CloudBees Internal Ticket: Jenkins LTS-1350

    Dependencies to plugins which were previously bundled on Jenkins WAR (detached plugins) are not resolved automatically. These plugins will have to be manually installed. More information

  • JENKINS-37545.

  • CloudBees Internal Ticket: Jenkins LTS-1074

    When renaming a folder, if clicking Apply instead of Save, a confirmation pop-up dialog is shown with duplicated header and footer. The workaround is to use the Save button.

  • CloudBees Internal Ticket: CJP-5556

    When a Client Master is straight deleted from a CJOC, the connection details are left behind. The workaround is to delete the CJOC connection details from the Client Master global configuration page.

  • CloudBees Internal Ticket: CJP-5232

    When pushing connection details from CJOC to a clean CJE (along with SSO), the user gets logged in the Client Master as admin rather than as the user who started the configuration in CJOC. The workaround is to logout and login again.

  • CloudBees Internal Ticket: CJP-4979

    When CJOC is enforcing the Role Based Access Control authorization strategy on client masters, the Groups detail screens on client masters will include two "Inherited from Jenkins" sections. The top-most section refers to the current master (which is a "Jenkins" but should be referred to as the connected master name shown in the breadcrumb bar) and the lowest "Inherited from Jenkins" section refers to CJOC (which is a "Jenkins").

The visual display of the information is less confusing when the masters have been organized using folders on CJOC as then the two "Inherited from Jenkins" sections are visually separated by the folders.

  • JENKINS-43848

    The list of Job types in the New Item page is served without cache expiration. This causes IE to cache the results of the page so if a new item type should be visible it is not shown until the cache is cleared and the page reloaded. This is known to affect the installation of new plugins that offer job types, changing of Folder restrictions in

  • CloudBees Folders Plus +plugin and creating a new Job Template in

  • CloudBees Templates +plugin.

Chrome and Firefox are unaffected by this issue.