Critical regression fixes in

Version release fixes some regressions found in release Installing the new release is highly recommended to avoid these issues.

If you are updating from version and you applied the workarounds, remove any workarounds upon update.

New features

Introducing CloudBees Pipeline Policies as a Preview feature (CTR-767)

While administrators would like to enable their developers to use pipelines freely, they still may need to set some restrictions based on industry-specific regulatory compliance or general best practice principles. Pipeline Policies provide a central way to enforce best practices across pipeline projects. The plugin uses runtime validation that works for both scripted and declarative pipelines, allowing administrators to include warnings or block the execution of pipelines if policy rules are violated. This initial release of Pipeline Policies is aimed at helping users avoid antipatterns that can damage the stability of their masters.

This only affects installations that use the Pipeline Policies Plugin.

S3 Publisher Plugin in the CloudBees Assurance Program (FNDJEN-1852)

The 'S3 Publisher plugin' is now included in the CloudBees Assurance Program to guarantee its quality and integration inside CloudBees products. This plugin applies to all masters in CloudBees Jenkins Enterprise, CloudBees Jenkins Distribution, and CloudBees Core. It does not apply to the Operations Center.

Feature enhancements


The CloudBees Analytics Plugin collects metrics for analysis to help CloudBees make decisions about future product direction. The collected data is used to evaluate patterns of usage of our products.

For details about what data is collected, see Data collection for the CloudBees Analytics Plugin.

Resolved issues

Version reverse proxy issue (JENKINS-60199)

When Jenkins was run behind a reverse proxy, users were redirected to a non-functional address ( upon login.

This redirect was caused by the issue 4573 in the embedded Jetty server. It only correctly processes the HTTP headers X-Forwarded-Host and X-Forwarded-Port when they are provided in a specific order.

This issue did not affect CloudBees Core on modern cloud platforms, but other instances behind reverse proxies like httpd or haproxy may have been affected.

If you applied the workaround, it should be removed upon update.

Form submissions were limited to 200,000 characters (JENKINS-60409)

This issue affected version, and is fixed in

Users were unable to submit large forms to Jenkins. This issue resulted in users being unable to make system configuration changes or replay pipelines, for example.

If you applied the workaround, it should be removed upon update.

Deadlock between CJOC connection and Global Configuration save (CTR-1136)

If a master was connected to Operations Center while its global configuration was being saved via the web interface, the master→operations center communication thread and the HTTP request thread would deadlock. This deadlock would result in a master that could not communicate with Operations Center and eventually, if more global configuration saves were performed, a master that was unresponsive to the HTTP(s) requests.

The code has been updated to make the locking order consistent in both approaches, removing this deadlock.

This only affects installations that use the Operations Center Client Plugin.

The default Browsers role should grant View/Read (CTR-669)

Users who were assigned only the default Browsers role were unable to see all views, such as the pull requests tab of a GitHub multibranch project.

With this fix, users who are assigned the default Browsers role will now be granted the View/Read permission.

This only affects installations that use the CloudBees Role-Based Access Control Plugin.

RBAC group configured on View disappears after editing the View (CTR-1029)

When an RBAC group configured on a View was modified, the group configuration was removed.

With this fix, the RBAC group related to the View remains after the View is modified.

This only affects installations that use the CloudBees Role-Based Access Control Plugin.

Finish adding logging on SFTP with infradna-backup plugin (CTR-1042)

There was not enough information on job logging when using SFTP backup. With this fix, meaningful information has been added.

This only affects installations that use the CloudBees Backup Plugin.

Checkpoint step prints a warning (NGPIPELINE-676)

Using the checkpoint step in a Pipeline incorrectly caused the following warning to be written to the build log: "expected to call WorkflowScript.checkpoint but wound up catching suspend?; see:".

A warning is no longer displayed when using the checkpoint step.

This only affects installations that use the CloudBees Pipeline: Groovy Checkpoint Plugin.

Performance improvement of Display URL API plugin (NGPIPELINE-970,586)

The Display URL API plugin adds environment variables to builds containing the URL of the build in Jenkins. In order to compute the value of these variables, the plugin previously needed to load a large number of classes for each build, which could lead to performance issues. With this fix, the plugin no longer needs to perform significant class loading when contributing environment variables to builds.

This only affects installations that use the Display URL API plugin.

Blue Ocean View failed in IE and Edge (NGPIPELINE-955)

Opening the Blue Ocean View with a Microsoft Edge or Internet Explorer browser failed. With this fix, the packaging of the Server Sent Events (SSE) Gateway Plugin no longer causes the Blue Ocean View to fail in IE and Microsoft Edge browsers.

This only affects installations that use the Server Sent Events (SSE) Gateway Plugin.

Known issues


Upgrade notes

End of life announcement

After assessing the viability of our supported plugins, CloudBees ended support for the CloudBees VMware Pool Autoscaling Plugin on April 30, 2020.

This end-of-life announcement allows CloudBees to focus on driving new technology and product innovation as well as maintaining existing products that are actively used by customers.

For more information regarding this end-of-life announcement, please contact your Customer Success Manager.


Revision 3 (2020-03-19)

Plugin updates

Revision 2 (2020-03-09)

CloudBees Security Advisory 2020-03-09