RELEASED: Public: 2019-08-02
Security advisory * CloudBees Internal Ticket: CTR-427
+ Problem: Any "StringCredentials"/"Secret Text" value within the Jenkins instance can be compromised by a malicious attacker using checkAccountCredentials endpoint.
+ Fix: CSRF protection enabled by POST requirement. CONFIGURATION permissions on the backup item has been introduced.
CloudBees Internal Ticket: FNDJEN-1472
Resolves issue when trying to run a Cluster Operation to backup connected instance to a SFTP server, using a temporary local backup.