CloudBees CI release highlights

What’s new in CloudBees CI 2.387.3.3

Watch video

Security fixes

Upgrade Google OAuth Client 1.31.5 to Google OAuth Client 1.33.3 (BEE-23789)

Upgraded Google OAuth Client 1.31.5 to Google OAuth Client 1.33.3.

Upgrade Gson 2.8.7 to Gson 2.8.9 (BEE-24280)

Upgraded Gson 2.8.7 to Gson 2.8.9.

Upgrade Google OAuth Client 1.25.0 to Google OAuth Client 1.33.3 (BEE-25730)

Upgraded Google OAuth Client 1.25.0 to Google OAuth Client 1.33.3.

Upgrade to Analysis Model API including BCEL 6.7.0 with the fix (BEE-27951)

Upgraded to Analysis Model API including BCEL 6.7.0 with the fix.

Use of unsafe SnakeYaml constructor (BEE-29887)

Updated the library SnakeYaml to 2.0 due to a security defect in version 1.33.

Low-privilege users can restore backup jobs (BEE-29577)

CloudBees Backup plugin allowed users with Job/Configure permissions to restore backups.

This issue is resolved.

Low-privilege users can break backup jobs (BEE-29576)

CloudBees Backup plugin allowed users with Job/Configure permissions to break backup jobs created by other users.

This issue is resolved.

New features

None.

Feature enhancements

None.

Resolved issues

After a server restart, the CloudBees CI service started before the NFS mount used for JENKINS_HOME was mounted, leading to the CI service to fail to start properly (BEE-32236)

The systemd service now waits for NFS to be mounted before the service starts. This issue is resolved.

Bundle update tab displays duplicate validations results (BEE-31764)

Duplicate validation results appear on the Bundle update tab of the CloudBees Configuration as Code export and update page.

This issue is resolved. Validation results are no longer duplicated.

Warnings from AvailabilityPatternValidator are not stored in the raw bundle log storage (BEE-30893)

The RawBundleValidation log does not always show all of the warnings, as the core bundles page.

rbac.yaml treats boolean values as strings (BEE-29065)

Boolean values were incorrectly quoted and treated as string values in the rbac.yaml file.

This issue is resolved.

Prevalidating an invalid YAML file does not update check results (BEE-32504)

The prevalidation process does not complete when a bundle with an malformed YAML file is submitted. The errors are not reflected in GitHub.

Known issues

XStream2 unable to round-trip ASCII NUL (JENKINS-71139)

Jenkins has switched from using KXm12Driver to StandardStaxDriver. Due to this change, Jenkins XML files can no longer save text content with the ASCII NUL character (U+0000). In particular, if you are using the JUnit plugin to publish test results, be sure to update it to the latest version to avoid problems with new builds. Test results published with older versions of the plugin become unreadable. CloudBees CI users with Beekeeper enabled do not need to update the plugin since the update is part of the product.

Duplicate Pipeline Template Catalogs in the Configuration as Code jenkins.yaml file on each instance restart (BEE-12722)

If a Pipeline Template Catalog is configured in the CasC jenkins.yaml file and the id property is not defined, the catalog is duplicated on each instance restart and in the exported CasC configuration.

Upgrade notes

Promoted Builds integration removed from the Operations Center Context plugin (BEE-31064)::

The Promoted Builds plugin was removed from the CloudBees Assurance Program (CAP). It was previously integrated with the Operations Center Context plugin.