CloudBees Jenkins Enterprise New User Experience 1.2.36

1 minute read

RELEASED: Public: 2020-12-03

Security fixes

snakeyaml:1.10 dependency removed (CTR-2511)

The snakeyaml:1.10 library contains a known security vulnerability.

With this change we are removing the dependency on that library.

Upgrade notes

By removing the Snakeyaml dependency we are also removing old migration code, which means updates from versions of this plugin older than 1.1.0 (3 years old) will require a multistep upgrade.

The multistep upgrade involves two steps:

  1. Update to a version previous to this one.

  2. Update to this version.

If users skip a step in the multistep process, they could incur data loss.

New features

None

Resolved issues

None

Known issues

None