Looking to upgrade?
Check the Upgrade Guide for assistance
Changes since 2.387
Security
Major bug fix
-
Move 'set node temporarily offline/online' buttons to app-bar to make them clickable again (regression in 2.385).
JENKINS-70394
-
Allow WebSocket agent connections to time out after 5m if a write never succeeds.
JENKINS-70531
-
Fix the TcpSlaveAgentListenerRescheduler functionality.
TcpSlaveAgentListener is automatically restarted on failure.
JENKINS-70334
Bug fix
-
Add script-security update to LTS baseline.
JENKINS-70487
-
Do not submit empty telemetry data if an error occurred during data collection.
JENKINS-70533
-
Update bundled Apache Mina SSHD API plugins from 2.9.1-44.v476733c11f82 to 2.9.2-50.va_0e1f42659a_a.
CVE-2022-45047
Enhancement
-
Limit the maximum number of search results.
Notable changes since 2.375.3
Major enhancement
-
Update to various UI elements.
Modernize table display, page layout, and buttons.
pull 6843, pull 6995, JENKINS-69339, pull 7373, pull 7452, pull 7173, JENKINS-70128, pull 7556, JENKINS-70112, pull 7555, pull 7475, JENKINS-70209, pull 7425, JENKINS-70117, pull 7597, JENKINS-70240, pull 7314, pull 7203, pull 7171, pull 7364, JENKINS-69517, pull 7366, pull 7364, pull 7229, JENKINS-69715, pull 7352, pull 7367, pull 7368, pull 7399, JENKINS-70036, pull 7427, JENKINS-70121, pull 6511
-
Add missing breadcrumb items in various locations.
pull 6912, pull 7487, pull 7488, pull 7489, pull 7490, pull 7491, pull 7492, pull 7493, pull 7494, pull 7495, pull 7496
-
Update ANTLR2 grammars and code to ANTLR4.
pull 7293
-
Update Spring Security from 5.7.4 to 5.8.0.
This update includes several fixes and improvements.
Spring Security 5.7.5 release notes, Spring Security 5.8.0 release notes, CVE-2022-31690, CVE-2022-31692
-
Set default file size rotation of AsyncPeriodicWork / AsyncAperiodicWork task logs to 10MB.
JENKINS-64151
-
Update appearance of tooltips and replace old library with Tippy.js.
pull 6408
Major bug fix
Enhancement
-
The minimum required Remoting version has been increased to 4.7 (released on February 16, 2021).
pull 7340
-
Add telemetry related to distributed builds.
JENKINS-70199
-
Add telemetry for activation of permissions that are not enabled by default.
JENKINS-70044
-
Remove the notice in the plugin manager Updates tab about newer plugin versions not compatible with your current core version.
Limit the display of updates to plugin versions actually being offered by the update center for your core version.
JENKINS-62332
-
Show recommended actions, such as "update affected plugins", in security warnings popup.
pull 7046
-
Jenkins no longer bundles a patched version of the deprecated Commons HttpClient 3.x library for use by plugins.
Plugins should be migrated to the native Java 11 HTTP client or updated to depend on the legacy Commons HttpClient 3.x API plugin.
Commons HTTP Client, Apache HTTP Client
-
Remove the deprecated Multijob plugin from the setup wizard.
pull 7413
-
Remove the deprecated WMI Windows Agents plugin from the setup wizard.
pull 7414
-
Do not report implied dependencies for WMI Windows Agents plugin.
JENKINS-70301
-
Avoid unnecessary configuration save when reloading configuration from disk.
pull 7305
-
Robustness improvement regarding build number collisions.
JENKINS-23152
-
Remove support for log rotation via
SIGALRM.
The command-line argument --daemon has been removed.
pull 7256
-
Upgrade XStream from 1.4.19 to 1.4.20.
This maintenance release addresses the security vulnerabilities CVE-2022-40151 and CVE-2022-41966, causing a Denial of Service by raising a stack overflow.
It also provides new converters for
Optional and Atomic types.
XStream 1.4.20 release notes, CVE-2022-40151, CVE-2022-41966
-
Upgrade Guice from 5.0.1 to 5.1.0.
Guice 5.1.0 contains eight fixes and improvements.
Guice 5.1.0 release notes
-
Upgrade Spring Framework from 5.3.23 to 5.3.24.
Spring Framework 5.3.24 release notes
Bug fix
-
Improve tooltip performance.
JENKINS-70178
-
Fix the update of disabled plugins.
JENKINS-69183
-
Close connection on the agent if the agent's liveness ping receives no response.
JENKINS-70414
-
Delay initialization of cryptography needed for TCP inbound agents unless and until such an agent is connected.
pull 7514
-
Delete
.disabled files when uninstalling a plugin.
JENKINS-68194
-
Fix a race condition affecting the launch of inbound agents.
pull 7378