Security fixes
- Confidential information disclosure via aggregated node list in High Availability (HA) controllers
  The REST API endpoint for listing agents on High Availability (HA) controllers was mistakenly accessible to anonymous users. Some users with limited permissions could also see confidential job-related information they should not have seen. This has been fixed and permission checks now work as expected.
Upgrade Notes
- Operations center CloudBees Assurance Program plugin changes since 2.462.3.3
  The following plugins have been added to the Operations center CloudBees Assurance Program since 2.462.3.3:
  - OpenId Connect Authentication Plugin (oic-auth)
  The following plugins have been removed from the Operations center CloudBees Assurance Program since 2.462.3.3:
  - View Job Filters (view-job-filters)
- Controller CloudBees Assurance Program plugin changes since 2.462.3.3
  The following plugins have been added to the Controller CloudBees Assurance Program since 2.462.3.3:
  - OpenId Connect Authentication Plugin (oic-auth)
Known Issues
- Duplicate Plugins in Operations Center Plugin Manager UI
  When you search for a specific plugin under the Available tab in the operations center Plugin Manager, the search results show duplicate entries for that plugin.
- Cannot add CyberArk / HashiCorp Vault credentials from the Add button of a credentials form
  When you try to add a CyberArk credential or HashiCorp Vault credential from the Add button of a credentials form, it fails with the error "Domain is read-only" and the credential is not created. The workaround is to create those types of credentials from the Manage Jenkins > Credentials page for root credentials or a Folder Credentials page for folder credentials.
- Authentication to operations center Configuration as Code Retriever API fails
  After upgrading to version 2.462.1.3 or later, authentication to the operations center Configuration as Code Retriever endpoint API at ${OC_URL}/casc-retriever/* fails. This is due to the removal of the authentication method enabled by the attribute.OperationsCenter.CasC.Retriever.secrets.adminPassword.
- Updated support for the Integer version type in the Configuration as Code bundle