Security fixes

Security vulnerabilities were fixed and backported from Jenkins (BEE-30171)

Refer to the CloudBees Security Advisory May 16, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-30342)

Refer to the CloudBees Security Advisory May 16, 2023 for more information.

Security vulnerabilities were fixed and backported from Jenkins (BEE-32257)

Refer to the CloudBees Security Advisory May 16, 2023 for more information.

New features

None.

Feature enhancements

Enhanced security context in Helm charts (BEE-31691)

Administrators can now configure the security context at both pod and container level. Refer to Configuring the security context in Helm charts for more information.

Resolved issues

None.

Known issues

Prevalidating an invalid YAML file does not update check results (BEE-32504)

The prevalidation process does not complete when a bundle with an malformed YAML file is submitted. The errors are not reflected in GitHub.

The offline Update Center signature may expire and old versions of the product do not start up (BEE-10093)

The offline Update Center can only be updated by upgrading a trusted WAR file, giving no added security by signing the file that is inside the WAR file. The product might not start up when the certificate used to sign the JSON is no longer valid (occurs if the product had not been upgraded in a long time). The JSON embedded inside the WAR file is no longer signed.

Duplicate Pipeline Template Catalogs in the Configuration as Code (CasC) for Controllers jenkins.yaml file on each instance restart (BEE-12722)

If a Pipeline Template Catalog is configured in the CasC jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.

Severe contention on io.jenkins.blueocean.rest.impl.pipeline.PipelineNodeImpl.isRestartable with large Declarative Pipelines (BEE-31789)

CloudBees recommends that you upgrade Blue Ocean if you have large Declarative Pipelines.

Upgrade notes

Kubernetes-client upgrade to 6.x (BEE-30724)

The fabric8 Kubernetes-client has been upgraded from 6.3.1 to 6.4.1.