CloudBees CI on traditional platforms 2.401.3.4

Rolling release: 2023-08-16

Based on Jenkins LTS 2.401.3

Security advisories

CloudBees Security Advisory 2023-08-16

Security fixes

Security vulnerabilities were fixed and backported from Jenkins

The following security tickets were fixed and backported from Jenkins:

  • OSS Issue [SECURITY-3090] (+backports)

  • OSS Issue [SECURITY-3103]

  • OSS Issue [SECURITY-3105] (+backports)

  • OSS Issue [SECURITY-3106] (+backports)

  • OSS Issue [SECURITY-3109] (+backports)

  • OSS Issue [SECURITY-3116] (+backports)

  • OSS Issue [SECURITY-3196]

Refer to the CloudBees Security Advisory August 16, 2023 for more information.

Upgrade Notes

Controller CloudBees Assurance Program plugin changes since 2.401.2.3

The following plugins have been added to the Controller CloudBees Assurance Program since 2.401.2.3:

  • CloudBees Build Strategies (cloudbees-build-strategies-plugin)

  • CloudBees Cache Step Plugin (cloudbees-cache-step)

  • CloudBees Pipeline Explorer (cloudbees-pipeline-explorer)

  • CloudBees Replication Plugin (cloudbees-replication)

  • CloudBees S3 Cache Plugin (cloudbees-s3-cache)

Jenkins 2.401 upgrade notes

New Features

None.

Feature Enhancements

None.

Resolved Issues

None.

Known Issues

HTTP Client used for operations center to controller connection leads to performance issues

Due to known issues in the Java HTTP Client, there could be performance issues in operations center to controller interactions in heavily loaded environments.

For more details about this issue and workarounds, refer to Operations Center Client leaks HTTP Clients since version 2.401.1.3.

Older versions of controllers cannot start after receiving new bundle versions

When the operations center sends new bundle versions to controllers older than 2.401.1.3, the controller cannot start.

This issue does not affect controllers in version 2.401.1.3 or newer.

There are three ways to fix the issue:

  • Upgrade all controllers to version 2.401.1.3 or newer.

  • Stop configuring controllers in versions prior to 2.401.1.3 using CasC.

  • Install a plugin catalog on the operations center with a Beekeeper exception to install cloudbees-casc-server:2.5.1. The plugin catalog can be enabled in operations center by setting the system property Dcom.cloudbees.jenkins.cjp.installmanager.CJPPluginManager.enablePluginCatalogInOC=true.

GitHub plugin settings would not load on startup

The GitHub plugin configuration failed to load during the Operations center startup. Refer to GitHub Plugin settings not loaded on startup after upgrading for more information.

Clouds do not disappear after the Folder configuration update by a user without Overall/Administer permissions

Clouds deselect after a user without Overall/Administer permissions edits the Folder configuration.

Duplicate plugins in the Operations center Plugin Manager UI

When you search for a specific plugin under the Available tab in the Operations center Plugin Manager, the search results show duplicate entries for the plugin.