Security fixes
- OSS Issue [SECURITY-3133] (+backports)
- Security vulnerabilities were fixed and backported from Jenkins (BEE-33192)
-
Refer to the CloudBees Security Advisory July 12, 2023 for more information.
- OSS Issue [SECURITY-3059] (+backports)
- Security vulnerabilities were fixed and backported from Jenkins (BEE-31112)
-
Refer to the CloudBees Security Advisory July 12, 2023 for more information.
Known Issues
- HTTP Client used for Operations Center to Controllers connection leads to performance issues
-
Because of known issues in the Java HTTP Client, there could be performance issues in Operations Center to Controllers interactions in heavily loaded environments.
More details about this issue and workarounds are documented in Operations Center Client leaks HTTP Clients since version 2.401.1.3.
- Older versions of controllers cannot start after receiving new bundle versions
-
When the operations center sends new bundle versions to controllers older than 2.401.1.3, the controller cannot start.
This issue does not affect controllers in version 2.401.1.3 or newer.
There are three ways to fix the issue: * Upgrade all controllers to version 2.401.1.3 or newer. * Stop configuring controllers in versions prior to 2.401.1.3 using CasC. * Install a Plugin Catalog on the operations center with a beekeeper exception to install
cloudbees-casc-server:2.5.1
. The Plugin Catalog can be enabled in operations center by setting the system propertyDcom.cloudbees.jenkins.cjp.installmanager.CJPPluginManager.enablePluginCatalogInOC=true
.
Unable to look up some credentials types
- System configuration’s text field for "Send analytics events to this URL" shows a 401 status code
-
The System Configuration screen’s text field for "Send analytics events to this URL" shows a 401 status code even when authentication is in fact correct.
- Validating single sign-on configuration with CloudBees Software Delivery Automation fails with a 302 status code
-
When the user tries to check the Single Sign-On configuration with CloudBees Software Delivery Automation, it fails with a 302 status code.
- Pipeline Explorer’s tree view displays stages in the wrong order and/or more than once in some cases
-
The tree view for in-progress builds with nested parallel steps may display some stages in the wrong order, and it may display some stages more than once.
- Duplicate Pipeline Template Catalogs in the Configuration as Code (CasC) for Controllers
jenkins.yaml
file on each instance restart -
If a Pipeline Template Catalog is configured in the CasC
jenkins.yaml
file and theid
property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.
- Duplicate Plugins in Operations center Plugin Manager UI
-
When searching for a specific plugin under 'Available' tab in operations center Plugin Manager, the search results shows duplicate entries of the searched plugin.