Security fixes
- Security vulnerabilities were fixed and backported from Jenkins (BEE-27307)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-27308)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-27309)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-27631)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-29042)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
- Security vulnerabilities were fixed and backported from Jenkins (BEE-29267)
-
Refer to CloudBees Security Advisory February 15, 2023 for more information.
Known issues
- Duplicate Pipeline Template Catalogs in the Configuration as Code
jenkins.yaml
file on each instance restart (BEE-12722) -
If a Pipeline Template Catalog is configured in the CasC
jenkins.yaml
file and theid
property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.
Upgrade notes
- Java 11 is now required
-
Beginning with the September release, Java 11 is now required to run CloudBees CI. It is not possible to run the operations center, the controllers, or agents on Java 8 any longer. Java Web Start is no longer supported for inbound agents.
For more information, refer to Migrate to Java 11.
- When you upgrade to Java 11, you must update your Java garbage collection arguments (BEE-16018)
-
Garbage collection has been updated in Java 11. Many of the previously recommended arguments are no longer supported. When you upgrade your JDK to Java 11, you must also update your garbage collection configuration. Using unsupported Java arguments will result in startup failure.
For more information, refer to Adding Java arguments to the Jenkins service configuration file.
- Plugin Removal from the CloudBees Assurance Program (CAP) (BEE-9215)
-
CloudBees has removed the following plugins from the CloudBees Assurance Program (CAP):
-
Bootstrap 4 API
-
CloudBees Long-Running Build
-
Deployer Framework
-
Deployed on Column
-
JavaScript GUI Lib: Momentjs Bundle
-
This announcement allows CloudBees to focus on driving new technology and product innovation, as well as maintaining existing products that are actively used by customers.
If you installed any of these plugins using a Configuration as Code bundle via the plugins.yaml
file, you must include them in the plugin catalog to continue using them.
Refer to Installing non-CAP plugins with plugin catalogs.
For more information regarding this end-of-life announcement, please contact your Customer Success Manager.
- Migration to Jakarta Mail (BEE-22565)
-
The CloudBees Nodes Plus plugin and the Operations Center Server plugin were updated to use jakarta.mail instead of javax.mail. This migration may break existing scripts that relied upon javax.mail. You may need to recreate any broken scripts.