CloudBees, Inc.

Jenkins OSS LTS 2.73.1-cb-3

New Features

Major Release Notes

Upgrade Groovy from 2.4.8 to 2.4.11.

Major Release Notes

Integration of Winstone 4.0: Upgrade bundled Jetty from 9.2.15.v20160210 to 9.4.5.v20170502. This removes support for the deprecated SPDY protocol. The --spdy parameter has been removed accordingly and Jenkins may refuse to start if it's set.

Major JENKINS-39370

Update Remoting from 3.7 to 3.10 adding opt-in support for work directories and improving logging in Jenkins agents.

Major JENKINS-43668

SSHD Module 2.0: Update from SSHD Core 0.14.0 to Apache MINA SSHD 1.6.0 in Jenkins core and Jenkins CLI.

Minor Security Advisory

Update the Mailer plugin version installed when updating from very old Jenkins releases to include the fix for SECURITY-372, the SSH Slaves plugin for SECURITY-161, and the Script Security plugin for SECURITY-258.

Minor JENKINS-28113

Freestyle projects may now list Pipeline jobs as downstream and trigger them, without needing to use the Parameterized Trigger plugin or reverse triggers ("Build after other projects are built").

Minor JENKINS-27299

Internal: Define enabling/disabling in ParameterizedJob rather than AbstractProject.

Minor PR-2864

Internal: Offer default methods on ParameterizedJob to have less boilerplate code.

Minor JENKINS-30785

Fixed Pipeline compatibility for a number of CLI commands (delete-builds, list-changes, console, set-build-description, and set-build-display-name), as well as some issues affecting error reporting in other commands when used with Pipeline.

Minor JENKINS-22949

If you have the Authorize Project plugin installed and configured, its configuration will now be treated as final with respect to the behavior of Job/Build checks from Build other projects and Build after other projects are built. Formerly, if a Per-project configurable Build Authorization was enabled globally but some projects did not specify an Authorization, the two aforementioned checks would automatically fall back to checking as anonymous (typically denying build permission). To restore the former behavior, explicitly configure a Project default Build Authorization to be Run as anonymous. Note that this will affect all build-scoped permission checks, including for example Agent/Build.

Minor PR-2880

Internal API: Tasks.getAuthenticationOf now honors authentication contributed by QueueItemAuthenticatorProvider extensions.

Minor Release Notes

Update WinP from 1.24 to 1.25 to improve performance and diagnostics of issues like JENKINS-30782.

Minor JENKINS-4478

Moved agent port and protocol configuration out of "security" (authentication and authorization) block in Configure Global Security.

Minor PR-2900

Add section headers for Markup Formatter and CSRF Protection in Configure Global Security form to make these options more obvious.

Minor JENKINS-44563

Use one-column layout for REST API documentation (.../api URLs).

Minor JENKINS-24064

Plugin Development: Jenkins now no longer publishes a war-for-test artifact. Plugins using this or a later version of Jenkins as baseline need to use plugin parent POM 2.30 or later.

Minor JENKINS-39738

SSHD Module 2.0: Enable aes192ctr and aes256ctr ciphers if JVM supports unlimited-strength encryption.

Minor JENKINS-45438

Winstone 4.1: Add Jetty HTTP/2 connector and corresponding options for Winstone-Jetty.

Minor JENKINS-45737

Don't reload user records from disk unless explicitly requested to improve performance of user record access.

Minor JENKINS-44112

Enable remoting work directories by default for newly created agents launched via JNLP (Java Web Start Launcher).

Minor JENKINS-38185

Always follow redirects for downloading update center metadata, so misbehaving plugins cannot break it.

Minor JENKINS-45553

Minor optimization to queue maintenance routines and printing of console notes, mainly for the benefit of Pipeline node blocks.

Minor JENKINS-45244

Avoid unnecessary locking to improve performance related to actions.

Minor JENKINS-45915

Improve performance when reading the console text of a build.

Minor PR-2952

Add Polish translations for setup wizard.

Minor

Update Windows service wrapper from 2.1.0 to 2.1.2 and Windows Agent Installer from 1.9 to 1.9.1.

Minor JENKINS-42376

Log name of the executor thread that died to improve diagnosability.

Resolved issues

Major JENKINS-46754

2.73+ SSH agent sometimes will not start if using passphrase-protected ed25519 key

Major JENKINS-45755

Fix unability to launch SSH Slave since 2.68 when $HOME is not writable on Master

Minor JENKINS-40693

Jetty 9.4.5: Prevent the 400 Bad Host header error for HttpChannelOverHttp when operating behind reverse proxy.

Minor JENKINS-44330

Prevent StackOverflowError in log recorder when Winstone-Jetty debug logging is enabled. (regression in 2.61).

Minor PR-2904

Update jnr-posix from 3.0.1 to 3.0.41 to pick up improvements and fixes in the POSIX platforms support.

Minor JENKINS-44898

Fix resource loading in plugins using the PluginFirstClassLoader, e.g. loading Groovy classes from plugin resources.

Minor JENKINS-34464

Enable simpler syntax for upstream build trigger in pipelines.

Minor JDK-8182744

Internal: Update Annotation Indexer to 1.12 to work around JRE bug in tests.

Minor JENKINS-44361

Follow HTTP redirects while initiating CLI connection.

Minor JENKINS-45459

Fix version number shown in 2.0 upgrade wizard.

Minor JENKINS-45519

Correctly show or suppress warnings about undefined parameters based on hudson.model.ParametersAction.keepUndefinedParameters system property.

Minor JENKINS-25625

Internal: Delete obsolete SECURITY-144-compat exclusion that can break tests.

Minor JENKINS-20272

Don't monitor response time on offline agents.

Minor JENKINS-45057

Reliably close build log file when using chained BuildListeners.

Minor JENKINS-45895

Modify the JNLPLauncher configuration page to work around regression in Docker Plugin (regression in 2.72).

Minor JENKINS-43848

Prevent caching of the item categories list by the browser to prevent stale data.

Minor JENKINS-45909

Improve robustness of the reverse build trigger ("Build after other projects are built").

Minor JENKINS-46082

Include culprits in XML and JSON API again (regression in 2.60).

Minor JENKINS-46288

Button to validate proxy configuration in Manage Plugins now works correctly with NTLM authorization.

Known issues

None