Archived LTS Changelog

Back to Recent LTS Changelog

2.375.4

March 8, 2023
Security
Enhancement
  • Limit the maximum number of search results.

2.375.3

February 8, 2023
Bug fix
  • Resolve implied dependencies on WMI Windows Agent plugin. JENKINS-70301
  • Prevent Angry Jenkins when checking a non http(s) based update center URL. JENKINS-70240
  • Remove negative letter-spacing to improve legibility in some languages and fonts (regression in 2.340 + 2.350). JENKINS-70209
  • Restore link to last breadcrumb in Console view. JENKINS-70169

2.375.2

January 11, 2023
Enhancement
Major bug fix
  • Wait for 10 seconds before attempting to reconnect a WebSocket agent, regardless of whether or not the controller is responding. Slow down websocket re-connect
  • Memory leak when repeatedly connecting WebSocket agents. JENKINS-70103
Bug fix
  • Updated bundled Script Security plugin from 1189.vb_a_b_7c8fd5fde to 1190.v65867a_a_47126. Updated JUnit plugin from 1156.vcf492e95a_a_b_0 to 1160.vf1f01a_a_ea_b_7f. Jenkins Security Advisory 2022-11-15
  • Fix console-view bouncing when new entries appear. JENKINS-69587

2.375.1

November 30, 2022
Major bug fix
  • Prevent potential deadlocks on websocket agents. JENKINS-69890
  • Fix Gravatar error on profile page (regression in 2.335). JENKINS-70023
Enhancement
  • Add telemetry for activation of permissions that are not enabled by default. JENKINS-70044

2.361.4

November 13, 2022
Major bug fix
  • Prevent a stack overflow when loading a queue (regression in 2.361). JENKINS-69850

2.361.3

November 2, 2022
Major bug fix
  • Fix a race condition that causes file descriptor leaks when cloud agents are created (regression in 2.294). JENKINS-69534
Bug fix
  • Model link chevron is not in center in user build cause on console log. JENKINS-69257
  • Table columns get wider or smaller depending on the sort selection. JENKINS-67864

2.361.2

October 5, 2022
Major bug fix
Bug fix
  • Fix the resize behavior of Execute Shell build steps (regression in 2.321 or 2.357). JENKINS-69320
  • Fix a potential FileAlreadyExistsException error on startup on systems with slow I/O. JENKINS-67624
  • Fix Plugin Manager selection buttons appearance. JENKINS-69467
  • Fix Java version check in /etc/init.d/jenkins. JENKINS-69570
  • Properly reset attributes of cached symbols. JENKINS-68805

2.361.1

September 7, 2022
Security
Major enhancement
Major bug fix
  • Fix an error when rebuilding jobs triggered by polling (regression in 2.358). JENKINS-69210
  • Update Jenkins pom from 1.83 to 1.84. Ensure jar files and javadoc are up to date for 2.361.1. JENKINS-69198
Bug fix

2.346.3

August 10, 2022
Enhancement
Bug fix
  • Revert prior attempts to make log records collectible by limiting discarded messages. JENKINS-68417
  • Connect breadcrumb context menus to items in subfolders. JENKINS-68906
  • Improve progress bar visibility in shaded rows. JENKINS-68672
  • Update Remoting from 4.13.2 to 4.13.3 to improve performance of previous fix for java.lang.OutOfMemoryError: unable to create new native thread on agents. JENKINS-65873

2.346.2

July 13, 2022
Enhancement
Bug fix
  • Ignore duplicate log recorders keyed by same name. JENKINS-68752
  • Display job icons correctly on the Jenkins dashboard, even when a non-empty context path alters the URL (regression in 2.346.1). JENKINS-68639
  • Show all log messages when an inbound agent fails to connect (regression in 2.310). JENKINS-68785
  • Plugins selected for update cannot be unselected once the update has started. JENKINS-68730
  • Fix offset of radio buttons when selected. JENKINS-68799
  • Make previous boot attempt timestamps available to boot-failure.groovy startup hooks (regression in 2.308). JENKINS-68848

2.346.1

June 22, 2022
Security
Enhancement
  • Remove SSH Plugin from setup wizard plugin selection. JENKINS-68556
  • Allow running on Java 17 without --enable-future-java. pull 6602
  • Show remote class loader statistics of agents with new table layout. JENKINS-68591
  • Update bundled Script Security Plugin from 1.75 to v35f6a_0b_8207e Update bundled WMI Windows Agents Plugin from 1.0 to 1.8.1 pull 65822022-05-17 security advisory
Bug fix
  • Fix indistinguishable build scheduling icon when the job is already in-queue (regression in 2.321). JENKINS-68303
  • Fix the position of the help button when it is not directly attached to an object (regression in 2.320). JENKINS-68042
  • Restore actions icon size lookup (regression in 2.341). JENKINS-68296
  • Fix a runtime error when viewing the build time trend on Java 17. JENKINS-68215
  • Provide supporting infrastructure to enable Pipeline: Groovy to work around a metaspace memory leak for users running Pipeline jobs on Java 11. pull 6597JENKINS-63766JDK-8231454 metaspace leak
  • Restore the frame color of the build progress bar of the executor widget. pull 6607
  • Keep the Save and Apply buttons in front of menus (regression in 2.337). JENKINS-68640
  • Fix WebSocket reconnection in edge cases. Upgrade from Remoting 4.13 to 4.13.2. pull 6576JENKINS-68542Remoting 4.13.2 changelog
  • Fix class attribute for Jenkins Symbols using <l:icon … />. JENKINS-68630

2.332.4

June 22, 2022
Security
Enhancement
  • Remove SSH Plugin from setup wizard plugin selection. JENKINS-68556

2.332.3

May 4, 2022
Major bug fix
  • Avoid a deadlock between agent class loading and logging. JENKINS-68122
Enhancement
Bug fix
  • Allow filtering updates in plugin manager by plugin ID (regression in 2.320). JENKINS-68260
  • Display log entries with missing logger names in the log viewer. pull 6310
  • Preserve load statistics data for label expressions. JENKINS-68055
  • Fix bad encoding of security warnings in French showing special characters. pull 6382

2.332.2

April 6, 2022
Enhancement
Bug fix

2.332.1

March 9, 2022
Enhancement
Bug fix
  • Keep the same height when dragging and dropping a component (regression in 2.277). JENKINS-67496
  • Correctly render expandable text boxes into multiple lines (regression in 2.197 and 2.176.4). JENKINS-67627
  • Show correct feature name in tooltips of help links (regression in 2.179). JENKINS-67662
  • Launch only one agent to satisfy cloud agent requests that use label expressions. JENKINS-67635
  • Truncate long build names again (regression in 2.332). JENKINS-67689
  • Overwrite grey balls icon with the modern "not built" status. JENKINS-67753
  • Render the question mark on the new help button only once so that it is not shown twice, even while using different themes. pull 6233
  • Update remoting from 4.11 to 4.12 to allow Java web start agents to connect (regression in 2.318). pull 5983JENKINS-67000Remoting 4.11.2 changelogRemoting 4.12 changelog
  • Restart systemd service when the controller exits unexpectedly. JENKINS-56219
  • Restart the Jenkins service after plugin updates on Debian 11 (bullseye). JENKINS-65809

2.319.3

February 9, 2022
Security
Bug fix
  • Fix ClassNotFoundException: io.jenkins.cli.shaded.org.w3c.dom.Node when using JAXB. JENKINS-67470
  • Launch only one agent to satisfy cloud agent requests that use label expressions. JENKINS-67635
Enhancement

2.319.2

January 12, 2022
Security
Enhancement

2.319.1

December 1, 2021
Bug fix

2.303.3

November 4, 2021
Security
Major enhancement
Enhancement
  • Always allow configuring agent-to-controller security subsystem.
Bug fix
  • Correction of Label expression including a "implies" relationship without spaces around. JENKINS-66613

2.303.2

October 6, 2021
Security
Enhancement
Bug fix
  • Allow Jenkins to start when the JCasC configuration defines view-related permissions (regression in 2.302). JENKINS-66470
  • Use the JVM's default keystore type for the Jenkins server when terminating TLS connections within Jenkins. Used if Jenkins is started with the --httpsPort argument. Winstone 5.21: Update Jetty from 9.4.42.v20210604 to Jetty 9.4.43.v20210629. pull 5670JENKINS-66379Winstone 5.20 changelogWinstone 5.21 changelogJetty 9.4.43 changelog
  • Fix wrong parameter type for Text Parameter when triggering a build via the buildWithParameters API call. pull 5704

2.303.1

August 25, 2021
Bug fix
Enhancement
  • Use Java 11 in Docker images instead of Java 8. Blog post
  • Allow Java 11 administrative monitor to be disabled with a system property. JENKINS-66177

2.289.3

July 28, 2021
Bug fix

2.289.2

June 30, 2021
Security
Enhancement
Bug fix
  • Prepare for form submission changes in future Firefox releases. Adapt form validation for all web browsers and form validation test automation for HtmlUnit based tests. JENKINS-65585pull 5479pull 5405
  • A race condition in class loading could result in a LinkageError. JENKINS-65766
  • Do not change fonts when build artifacts are as shown as a tree. JENKINS-65751
  • Jenkins redirects users to the previous page after login even if they were able to view it while not logged in (regression in 2.266). JENKINS-64991
  • Fix incorrect process termination issues when running on macOS. JENKINS-65195
  • Add check to prevent out of bounds memory access error on macOS. JENKINS-64347

2.289.1

June 2, 2021
Major bug fix
  • Fix NoSuchMethodError when using plugins that rely on bridge methods for compatibility (regression in 2.278). JENKINS-65605
Bug fix
  • Fix form submission for some specific form validation cases (regression in 2.289). JENKINS-65585
  • Wrap the build name in the build results list if it is too long. JENKINS-65190
  • Improve performance for standard input of the Jenkins CLI, for example with the `install-plugin` command. JENKINS-64294
  • Fix an issue archiving files greater than 4 GiB in size when creating ZIP64 archives. JENKINS-52356

2.277.4

May 5, 2021
Bug fix
  • Fix disabled dropdown items to appear disabled (regression in 2.277.1). JENKINS-65021
  • Fix load statistics graph links to include correct graph duration (regression in 2.277.1). JENKINS-65336
  • Honor the current folder when creating new views with the "New View" link. JENKINS-56934
Enhancement

2.277.3

April 20, 2021
Security
Enhancement

2.277.2

April 7, 2021
Security
Major bug fix
  • Fix help buttons in the draggable section (regression in 2.277.1). JENKINS-64972
Enhancement
Bug fix
  • Fix NoClassDefFoundError exception while executing ProcessTree.get(). JENKINS-62006
  • Prevent Jenkins queue deadlock when cancelling tasks under certain conditions. JENKINS-64931
  • Reduce logging of renamed API endpoint. JENKINS-65186

2.277.1

March 10, 2021
As described in the Major changes in the weekly release line blog post, this release improves key user interface components. Configuration user interfaces now use html div markup to present a better layout than the previous html table layout. Configuration pages are now easier to read, easier to understand, and work better on a wide range of screens. See the Jenkins issue tracker for a list of plugins known to have issues with the change.

 

As described in the Spring and XStream updates (breaking changes!) blog post, this release updates and replaces outdated internal components. The Acegi security library used for authentication has been replaced by Spring Security (JEP-227). See the Spring Security compatibility table for the latest plugin compatibility status. A fork of the XStream library used to read and write XML files has been replaced by the upstream version of XStream (JEP-228). See the XStream compatibility table for the latest plugin compatibility status.

 

Known IssuesIf your Jenkins instance was created before Jenkins 2.4 or 2.7.1 LTS, a Setup Wizard may appear on the startup after the upgrade. In such a case, a Jenkins admin may need to skip the plugin installation. See the upgrade guide for the detailed guidelines.
Security
Major bug fix
  • Show available plugin updates by reloading update center data on upgrade/downgrade. JENKINS-41727
  • Fix Internet Explorer 11 rendering of the Available plugins tab (regression in 2.270). JENKINS-64805
  • Include 'plugin-id' and 'plugin-version' data attributes in the Available plugins tab (regression in 2.270). JENKINS-64775
  • Fix plugin search over multiple update sites (regression in 2.270). JENKINS-64840
Bug fix

2.263.4

February 10, 2021
Enhancement
  • Improve performance in fingerprint file creation. JENKINS-64670
Bug fix
  • Use the correct freestyle font-size for descriptions. JENKINS-64332
  • Don't tell user's to signup when signup is not available. JENKINS-64426

2.263.3

January 25, 2021
Security
Major bug fix
  • Provide a default implementation of the "all files in zip" download link. This is especially important for external storage plugin (regression in 2.263.2). JENKINS-64655
  • Fix the file handle leak inside DirectoryBrowserSupport (regression in 2.263.2). pull 5188JENKINS-64632SECURITY-1452
  • Include root folder in downloaded zip files (regression in 2.263.2). Resolve an additional related zip archive root folder issue. pull 5187JENKINS-64621JENKINS-61473SECURITY-1452

2.263.2

January 13, 2021
Security
Major bug fix
  • Help text now expands in behaviours for GitHub organization folders (regression in 2.244). JENKINS-64373
Enhancement
Bug fix

2.263.1

December 3, 2020
Major bug fix
Bug fix
  • Fix file handle leak when viewing corrupted build logs. Upgrade Stapler from 1.260 to 1.261. pull 5038Stapler 1.261 changelog
  • Prevent the Build History Widget from crashing when users have Discover permissions without Read for folders. JENKINS-63868
Enhancement

2.249.3

November 4, 2020
Major bug fix
Bug fix
  • Prevent radio buttons from moving when they are clicked. JENKINS-63332

2.249.2

October 7, 2020
Major bug fix
  • Fix migration of status filter when coming from an older version of Jenkins (regression in 2.249.1). JENKINS-62661
Bug fix
  • Make alert colors consistent with 'Manage Jenkins' alert colors. JENKINS-63330
  • Avoid warning on logs about Anonymous Class in hudson.FilePath. JENKINS-63563
  • Fix NullPointerException pollution on logs if PluginDeprecationMonitor is enabled and some conditions are met. JENKINS-63562
  • Developer: Make unavailable plugin background themeable. JENKINS-63331

2.249.1

September 9, 2020
Security
Major bug fix
  • Stop pre-formatting agent logs to prevent deadlocks (regression in 2.231). JENKINS-63458
  • Fix button that copies API token to clipboard (regression in 2.238). JENKINS-63274
  • Restore wrapping tabs into multiple lines instead of overflowing (regression in 2.248). JENKINS-63180
Bug fix
  • Normalize widget colors to be consistent with the new color palette. Fixes bread crumbs flash in Dark Theme
  • Empty installed plugins table text is readable again (regression in 2.249). JENKINS-63276
  • Show build time data in the Build Time Trend Page (regression in 2.245). JENKINS-63232
  • Replace text references to slave with agent in Japanese documentation and messages. JENKINS-63166
  • Fix backspace key sometimes did not delete text from the Script Console on a Mac (regression in 2.248). JENKINS-63342
  • Fix regular expression validator UI location (regression in 2.244). JENKINS-63308
Enhancement

2.235.5

August 17, 2020
Security
Major enhancement
  • Major update of the Alpine-based Jenkins Docker image. Jenkins Docker image for Alpine now uses Alpine 3.12 and AdoptOpenJDK 8u262. upgrade guide

2.235.4

August 12, 2020
A new GPG signing key is used for the Jenkins long term support package repositories. Follow the instructions in the Linux repository signing blog post to install the new public key on your computer.
Security
Major enhancement
  • Use new 64 bit Windows installer with service account checks and port validation. Supports 64 bit Java 8 and 64 bit Java 11. AnnouncementUpgrade guide
Bug fix
  • Allow graceful shutdown when SCM triggers are configured. JENKINS-62695
  • Fix IllegalArgumentException: Method not found error caused by misbehaviour in Util.isOverridden() (regression in 2.241). JENKINS-62723

2.235.3

July 27, 2020
Major enhancement

2.235.2

July 15, 2020
Security
Bug fix

2.235.1

June 17, 2020
Major bug fix
  • Make plugin manager work on Internet Explorer 11 again (regression in 2.231). JENKINS-62163
  • Prevent telemetry warnings about missing javax.annotation classes when running with Java 11 (regression in 2.231). JENKINS-61920
  • Fix a deadlock involving custom loggers during agent startup (regression in 2.231). JENKINS-62181
Bug fix
  • Prevent Old Data Monitor from failing plugin loading in the case of class field unmarshalling issues. JENKINS-62231

2.222.4

May 24, 2020
Major bug fix
  • Prevent a form validation "404 Not Found" error when the resource root URL configuration points at a previously configured resource root URL (regression in 2.222.1). JENKINS-62133
Bug fix
  • Upgrade to Remoting 4.2.1 to fix an issue with large payloads over WebSockets. Requires a matching agent.jar with remoting 4.2.1 or later. JENKINS-61409pull 4601pull 4596Remoting 4.2.1 changelogWebSockets blog postJEP-222
  • Update Groovy Init hooks to run after all job configurations are adapted. JENKINS-61694
  • Fix spacing between error messages in Setup Wizard (regression in 2.222.1). JENKINS-61660
  • Fix input field hints for tools like the git plugin that search the PATH for their executable (regression in 2.222.1). JENKINS-61711
  • Remove grey bar below the textarea form elements for read only users. JENKINS-61284
  • Distinguish between defined (*****) and undefined (N/A) password on read-only configuration forms for users with Overall/SystemRead or Item/ExtendedRead permissions. JENKINS-61812
Enhancement

2.222.3

April 24, 2020
Major bug fix
  • Use the saved global build discarder configuration on restart. JENKINS-61688
  • Fix proxy form validation when a password is set (regression in 2.222.1). JENKINS-61692
Bug fix
Enhancement
  • Developer: Make h.checkAnyPermission and <l:layout permissions="..."> work on objects that aren't AccessControlled. JENKINS-61465
  • Developer: Prevent spurious deprecation messages by removing the deprecated findbugs-annotation. JENKINS-61279

2.222.2

April 22, 2020
Jenkins 2.222.2 was not packaged or delivered. All changes planned for 2.222.2 are included in 2.222.3.
Bug fix
  • Jenkins 2.222.2 was not placed in the artifact repository or on the download site.

2.222.1

March 25, 2020
Global build discarder configuration is not loaded from disk when Jenkins starts (JENKINS-61688). Configuration is saved but not loaded on restart. Jenkins 2.222.1 will always start with the default configuration of the Job Build Discarder. Custom global build discarder configuration is ignored on restart. The default global build discarder is configured each time that Jenkins restarts.
Security
Major bug fix
Enhancement
  • Security hardening related to request routing and CSRF protection. related upgrade guide
  • Developer: Listen on loopback interface by default in debug mode. pull 4515

2.204.6

March 25, 2020
Security
Enhancement

2.204.5

March 7, 2020
System logging customization defect (JENKINS-57888 - system logging customization) from Jenkins 2.177...2.203.3 is reintroduced in this version as it is considered as less serious than the fixed regressions. There is a plan to fix it again in 2.222.1.
Major bug fix
  • Fix propagation of the maximum form content size and form content keys number (regression in Jetty 9.4.20 and Jenkins 2.204.3). JENKINS-60409
  • Fix improper reverse proxy redirects to 127.0.0.1 due to X-Forwarded-Host and X-Forwarded-Port ordering issue (regression in Jetty 9.4.20 and Jenkins 2.204.3). JENKINS-60199
Bug fix
  • Revert Winstone from 5.8 to 5.3 to resolve embedded Jetty web container regressions in later Winstone versions. High default maximum form size limit and reverse proxy redirection are restored (regressions in 2.204.3). JENKINS-60409JENKINS-60199Winstone changelog

2.204.4

March 3, 2020
Major bug fix

2.204.3

February 28, 2020
Enhancement
Bug fix
  • If the Jenkins root URL has been configured by scripts prior to running the setup wizard, skip the location configuration panel even if selecting the option to skip creation of an admin user. JENKINS-60750
  • Prevent inaccurate warnings about missing classes on Java 11 triggered by JavaMelody when Monitoring Plugin is installed. JENKINS-60725
  • Include details in the system log when a build rotation fails. JENKINS-60716
  • Fix java version check for AdoptOpenJDK 11. JENKINS-60678
  • Prevent Jenkins page rendering from being blocked when the update center data parsing is in progress. JENKINS-60625
  • Winstone 5.7: Fix support of system logging customization (regression in 2.177). pull 4452JENKINS-57888Winstone 5.7 release notes
  • Fix null pointer exception in Agent API when the agent is offline (e.g. retrieving agent version or OS description). JENKINS-42658

2.204.2

January 29, 2020
Security
Major bug fix
  • User is no longer logged out when authenticating another user. JENKINS-59107
Enhancement
  • Security hardening related to Stapler routing.
  • Security hardening: Set X-Content-Type-Options to nosniff in REST API responses.
Bug fix
  • Disable multiple deletion attempts if hudson.Util.maxFileDeletionRetries is zero. JENKINS-60351
  • Prevent 'zombie' executors on built-in node by removing one-off executors in Computer.removeExecutor. JENKINS-57304
  • Fix AtomicFileWriter performance issue on CephFS when creating an empty file. JENKINS-60167
  • Developer: ViewGroupMixIn#getPrimaryView() may return null, and needs to be checked by plugins depending on this version of weekly and beyond. It is an intermediate state until a default view is implemented. JENKINS-60092

2.204.1

December 18, 2019
Configuration as code plugin users upgrading to Jenkins 2.204.1 should review the LTS upgrade guide global configuration save topic and the LTS upgrade guide download settings topic
Enhancement
  • Show a tooltip with the full link name when hovering over sidebar links. JENKINS-59508
Bug fix
  • Prevent faulty subtask contributors from leaving builds running forever. JENKINS-59793
  • Fix Uninstall column sorting in the Plugin Manager Install pane. JENKINS-59665

2.190.3

November 20, 2019
Bug fix
  • Robustness: Do not allow users to resubmit requests using POST on URLs requiring a form submission, as that will fail anyway. JENKINS-59514
  • The lastCompletedBuild permalink was not being cached in the …/builds/permalinks file. JENKINS-56809
  • Fix labels to Atom feed links. JENKINS-48375
  • Revert changes in forms submission in Jenkins classic UI with Firefox. Changes caused a regression on forms with "file" inputs. These were made to anticipate a bugfix in Firefox which has been backed out since. (regression in 2.164.3) JENKINS-58296JENKINS-53462Firefox issue 1370630

2.190.2

October 28, 2019
Bug fix
  • URLs of some projects with emojis in their name were inaccessible. JENKINS-59406
  • Increase client-side keep-alive ping frequency on the HTTP-based CLI to prevent timeouts. JENKINS-59267
  • Internal: hudson.util.ProcessTree.OSProcess#getEnvironmentVariables returned null when an error occurred even though it shouldn't. JENKINS-59580

2.190.1

September 25, 2019
Security
Bug fix
  • Fix missing absolute URL in the RSS / Atom feeds. (regression in 2.190) JENKINS-59167
Major bug fix
  • Jenkins UI broke when a slow trigger administrative warning would be shown. (regression in 2.189) JENKINS-58938

2.176.4

September 25, 2019
2.176.4 and 2.190.1 contain the same security fixes. We're providing an additional release of the 2.176.x LTS line to allow administrators to apply security updates without having to perform a major upgrade.
Security

2.176.3

August 28, 2019
Security
Bug fix
  • The plugin manager UI no longer prevents disabling a plugin when other plugins only have optional dependencies to it. JENKINS-33843
  • Fix performance issue when using "Remember me". (regression in 2.160) JENKINS-56243
  • Do not throw exception when testing proxy configuration. (regression in 2.168) JENKINS-57383
  • Prevent occasional IllegalStateException on Jenkins restart and invalidate the user session. JENKINS-55945

2.176.2

July 17, 2019
Security
Bug fix
  • A thread pool used to wait for external processes to complete could leak class loaders. JENKINS-57725
  • Make sure detached plugins (plugins whose functionality used to be part of Jenkins itself) are installed upon Jenkins startup when needed as implied dependencies of other plugins which were already present. This simplifies compatibility for specialized installation scenarios not using the update center, such as when Jenkins is run from a Docker image prepackaged with some plugins. JENKINS-57528
  • Update WinP from 1.27 to 1.28 to fix problems with a missing DLL and flickering console window in the Windows graceful process shutdown logic. JENKINS-57477full changelog
Enhancement
  • Replace some exception stack traces related to agent channels with simpler messages. JENKINS-57993

2.176.1

June 10, 2019
Bug fix
  • Restore Chinese localized resources used by the setup wizard. JENKINS-57412
  • Robustness: Do not put agent offline for runtime exceptions in ComputerListener#onOnline(). JENKINS-57111

2.164.3

May 9, 2019
Bug fix
  • Corrupted console notes could cause an uninformative NegativeArraySizeException to be thrown from ConsoleNote#readFrom and build log display to be broken. JENKINS-45661
  • The setup wizard did not properly escape passwords, resulting in errors with certain special characters. JENKINS-56856
  • Make form submit buttons on the Jenkins classic UI compatible with potentially upcoming Firefox bug fix. JENKINS-53462Firefox bug 1370630
  • Properly flush output from the Maven console annotator. JENKINS-56995
  • Make Debian/Ubuntu launcher script work with Java 11. JENKINS-57096
Enhancement

2.164.2

April 10, 2019
Security
Bug fix
  • Workspace and artifacts browsing did not work on Windows Server 2016 with Microsoft Docker. (regression in 2.150.2) JENKINS-56114
  • Prevent NullPointerException when discarding unreadable fingerprint data. JENKINS-43218

2.164.1

March 13, 2019
No notable changes in this release.

2.150.3

February 13, 2019
Bug fix
  • Improve robustness of console annotators such as the Timestamper plugin in conjunction with certain Pipeline steps such as git on an agent with an old agent.jar. JENKINS-55257
  • User account creation by administrators did not show error messages when it failed. (regression in 2.129 and 2.138.1) JENKINS-52869

2.150.2

January 16, 2019
Security
Enhancement
  • Invalidate sessions and CLI authentication caches when changing the user password in the Jenkins user database.
  • Add support for killing child processes on AIX. JENKINS-16867

2.150.1

December 5, 2018
Security
Bug fix
  • Revert compatibility fix for future releases of Firefox due to regressions it caused since 2.148. JENKINS-54261JENKINS-54333JENKINS-54570
  • Prevent Stream is closed error in case a CLI command finishes before the input is entirely read. JENKINS-54310
  • Avoid Premature EOF error when using the shutdown CLI command. JENKINS-49196
  • Do not cache CSS/JS resource files for console annotations like Timestamper Plugin across Jenkins restarts. JENKINS-38719

2.138.4

December 5, 2018
Security

2.138.3

November 8, 2018
Bug fix
  • The initial visibility of nested groups of radio buttons did not accurately reflect the current values. JENKINS-48516
  • Improve robustness when search items don't specify a display name. JENKINS-50795
Enhancement
  • Update Stapler from 1.254.2 to 1.255 to integrate a fix related to StaplerProxy#getTarget() return value handling. pull 3690stapler/stapler#149
  • Add telemetry trial related to Stapler request dispatching. JENKINS-54029

2.138.2

October 10, 2018
Security
Major enhancement
Major bug fix
Enhancement
Bug fix
  • Fix a thread safety issue when creating multiple nodes in parallel. JENKINS-53401
  • Nested f:repeatable/f:repeatableProperty form elements inherited minimum when they shouldn't. JENKINS-37599

2.138.1

September 12, 2018
Bug fix
  • A configured quiet period was interpreted as milliseconds, instead of seconds. (regression in 2.82) JENKINS-48770

2.121.3

August 15, 2018
Security
Enhancement
Bug fix
  • Fix a potential deadlock between queue maintenance and asynchronous execution. JENKINS-46248
  • Security hardening: Prevent files in tar archives from being written to a path outside the destination directory. JENKINS-51777
  • Dynamically loaded plugins now have any PeriodicWork/AperiodicWork extensions scheduled. JENKINS-28683

2.121.2

July 18, 2018
Security
Enhancement
  • Update Remoting from 3.20 to 3.21 to apply logging enhancements and better no_proxy support. JENKINS-51223JENKINS-50965JENKINS-51551Remoting 3.21 changelog
  • Improve diagnostics of corrupted plugin archives during plugin dynamic loading. JENKINS-51608
  • Robustness: A buggy ComputerListener#onConfigurationChange implementation should not block Jenkins startup. JENKINS-50217
  • Diagnostics: Log stack traces in JEP-200 rejection messages when jenkins.security.ClassFilterImpl logging level is FINE or above. JENKINS-51355
  • Improve Jenkins root URL validation. JENKINS-51158
  • Do not remove workspaces for projects with builds in progress. JENKINS-27329
  • Developer: ComputerLauncher implementations can now set channels with a custom CommandTransport implementation. JENKINS-51541
  • Developer/Internal: Remove use of a Guava method deleted in later versions, which could cause problems for plugins running functional tests. JENKINS-51779
Bug fix
  • If using the Artifact Manager on S3 plugin with the (non-default) option to delete artifacts, they were not deleted when the entire build was deleted. JENKINS-51819
  • Don't monitor response time on offline agents. JENKINS-20272
  • Copying Run parameters did not work as expected as RunParameterDefinition#copyWithDefaultValue called the wrong constructor. JENKINS-51650
  • Restore implied dependency on JDK Tool Plugin from Apache HttpComponents Client 4 API Plugin to fix dependency problems. JENKINS-51483
  • Actions created from a TransientActionFactory that got attached to an item in the queue are no longer persisted, which could previously lead to duplicate actions shown for builds. JENKINS-51584
  • Prevent unhandled ClassCastException when loading fingerprints from corrupted files. JENKINS-51179
  • Do not duplicate caller stack trace when FilePath#act fails. JENKINS-51082
  • Fix behaviour of Advanced button when a section element is nested inside. JENKINS-14632
  • Developer API: StreamTaskListener#getCharset() now returns the default charset when it is not configured. JENKINS-51971
  • Developer API: Prevent NullPointerException in SlaveComputer#setChannel(Channel,OutputStream,Channel.Listener) with null OutputStream. JENKINS-51955

2.121.1

June 7, 2018
Enhancement
  • Faster list rendering of Plugin Manager » Available. JENKINS-51205

2.107.3

May 9, 2018
Security
Enhancement
Bug fix
  • Don't log null pointer exceptions on some forms with validation button. (regression in 2.107.2) JENKINS-50748
  • Allow users without Overall/Read access to use the who-am-i and logout commands. JENKINS-50324
  • Fix a race condition in the Setup Wizard that could lead to it being skipped on the first startup when groovy scripts or init scripts are pre-installed. JENKINS-49401
  • In rare configurations, agents tried to load unloadable classes from the controller, resulting in ClassNotFoundException: javax.servlet.ServletContextListener on agents. JENKINS-46386
  • Make Cancel Shutdown link in side panel work without requiring the page to be reloaded. JENKINS-44402

2.107.2

April 11, 2018
Security
Major bug fix
  • Display estimated remaining time again for Pipeline jobs. (regression in 2.89.4) JENKINS-48821
Enhancement
  • Update Apache Mina SSHD Core from 1.6.0 to 1.7.0 in CLI client. JENKINS-49565changelog
  • Update Executable War from 1.37 to 1.38 to show an error when an attempt is made to run Jenkins on Java 9. JENKINS-49737full changelog
  • Always show the built-in node in the executors widget, even when it is offline. JENKINS-34712
  • Periodically persist the build queue so it can be restored on abnormal process termination. JENKINS-30909
  • Reduce memory footprint of jenkins.model.lazy.AbstractLazyLoadRunMap#search in descending order. JENKINS-50056
  • Add ConcurrentLinkedQueue to white-listed classes for use in XStream (XML serialization) and Remoting (agent communication). JENKINS-49788
Bug fix
  • JEP-200: Allow org.apache.tools.ant.Location deserialization to prevent exception when listing agent files in non-existent directory or invalid filter. JENKINS-50237
  • Clean up the build.xml files of parameterized projects that contained unnecessary serialized data. JENKINS-49795
  • Restore serialVersionUID of AbstractTaskListener. (regression in 2.91) JENKINS-50124
  • Prevent FileNotFoundException in hudson.Util#loadFile in case of race condition. JENKINS-49971
  • Make proxy views work inside folders. JENKINS-49642
  • Upgrade Winstone from 4.1.0 to 4.1.2 to prevent User session memory leak by setting the default idle session eviction timeout to 30 minutes. JENKINS-49596full changelog
  • Fix translation of 'sign up' in Dutch, used to be 'sign in'. JENKINS-49498
  • Improve robustness in case a build with parameters was stored with a null list of parameters. JENKINS-39495
  • Prevent NullPointerException in AbstractProject#checkout when the agent disconnects during a build. JENKINS-29470

2.107.1

March 14, 2018
This is the first LTS release that includes the JEP-200 Remoting and XStream serialization allowlist. This core change requires corresponding changes in many plugins for them to be compatible. We strongly recommend that you read the LTS upgrade guide, make sure you have good backups before upgrading, and validate this release in a staging environment first.
Bug fix
  • Make JEP-200 serialization allowlist more reliable on old versions of Tomcat 8. JENKINS-49543
  • Don't show input validation errors in optional numeric form fields. (regression in 2.105) JENKINS-49387JENKINS-49520

2.89.4

February 14, 2018
Security
Enhancement
Bug fix
  • Update Stapler from 1.253 to 1.254 to make the form that shows up when a URL requiring POST is accessed using a different HTTP verb work with CSRF protection enabled. JENKINS-34254Stapler changelog
  • Do not downgrade detached plugins when upgrading Jenkins while its previous version was not properly recorded. JENKINS-48899
  • The setup wizard is now resumed upon restart if it hasn't been completed yet, instead of showing the regular login screen. (regression in 2.81) JENKINS-47439

2.89.3

January 18, 2018
Major bug fix
  • Make sure detached plugins (plugins whose functionality used to be part of Jenkins itself) are installed when upgrading Jenkins past the version at which the plugin was detached. JENKINS-48365
Bug fix
  • Make the system property hudson.consoleTailKB actually work. JENKINS-48593Jenkins features controlled by system properties
  • Fix a performance regression in Jenkins 2.86 due to lock contention in ExtensionList. JENKINS-48505
  • Prevent setup wizard from hanging when the two provided passwords differ, instead show a validation error. JENKINS-48080
  • Prevent concurrent installation of Maven on the same node to prevent problems. JENKINS-34138
  • Prevent potential NullPointerException when migrating the default "All View" name for a "My Views" user property. JENKINS-48157
Enhancement
  • Cache permission names, allowing Jenkins to recover faster after "stop-the-world" Java GC pauses. JENKINS-48349
  • Improve user lookup performance, for example from Git changelog calculation. JENKINS-47429

2.89.2

December 14, 2017
Security

2.89.1

December 6, 2017
Upgrading to Jenkins 2.89.1 does not install the Command Launcher plugin (see below) as it should. If you're using the Launch agent via execution of command on the master launch method for agents, or cloud provider plugins, make sure to manually install the plugin after upgrading, and restart Jenkins afterwards.
Major bug fix
  • Recover from legacy user configuration folders with $ characters that are not part of hex escape sequences. (regression in 2.89) JENKINS-47909
  • Fix Download from java.sun.com installation method for JDK for downloads requiring an Oracle login after change to the Oracle site. JENKINS-47448
Enhancement
Bug fix

2.73.3

November 8, 2017
Security
Major bug fix
  • Fix Download from java.sun.com installation method for JDK for downloads requiring an Oracle login after change to the Oracle site. JENKINS-47448
Bug fix
  • Fix potential HTTP 414 error in form validation of long Batch/Shell tool installer scripts. JENKINS-47058
  • Properly display agent launch arguments when using nested launch methods. JENKINS-47056
  • Disconnect node on ping timeout instead of leaving the channel half open. JENKINS-46680
  • Avoid a possible server-side timeout on long-running CLI commands using plain HTTP mode by sending periodic pings from the client. JENKINS-46659

2.73.2

October 11, 2017
Security
Major bug fix
Major enhancement

2.73.1

September 13, 2017
Two regressions since the previous LTS release have been identified in 2.73.1. One involved Remoting (agent) connections and the other concerns failures to use passphrase-protected ed25519 SSH keys. Please see the LTS upgrade guide for 2.73.1 for more information.
Enhancement
Bug fix
  • Prevent caching of the item categories list by the browser to prevent stale data. JENKINS-43848
  • Improve robustness of the reverse build trigger ("Build after other projects are built"). JENKINS-45909
  • Include culprits in XML and JSON API again. (regression in 2.60) JENKINS-46082
  • Button to validate proxy configuration in Manage Plugins now works correctly with NTLM authorization. JENKINS-46288

2.60.3

August 17, 2017
Bug fix
  • Contributions to the PATH environment variable could result in malformed values on agents on a platform different from controller's. JENKINS-14807
  • Robustness improvements related to agent connections. JENKINS-43496JENKINS-38527
  • JNLP for launching agents now requests Java 8. JENKINS-45679
  • Prevent NullPointerException in Jenkins#getRootURL() while the instance is not fully loaded yet. JENKINS-34914
  • Fix NullPointerException when calculating culprits. JENKINS-45516
Enhancement
  • The reload-configuration CLI command now waits until the reload is finished, and returns an error code if the reload failed. JENKINS-45256
  • Remove the "JNLP" protocol references from the TCP Agent Listener log messages. JENKINS-44103

2.60.2

July 19, 2017
Enhancement
Bug fix
  • Add documentation for time zone specification for cron patterns (e.g. SCM polling). JENKINS-9283
  • Do not submit form when pressing Enter in the plugin manager's filter field. JENKINS-44523
  • Jenkins failed to perform some cleanup tasks, including saving the build queue, if stopped via REST /exit, CLI shutdown, or when restarting from Install as Windows Service. JENKINS-44589
  • Don't check whether disabled administrative monitors are active or not on the Manage Jenkins page. JENKINS-44608
  • When starting the jenkins.war directly, properly check for Java 8 as minimum instead of Java 7 before proceeding. JENKINS-44764
  • Prevent NullPointerException when calling restart CLI command. (regression in 2.57) JENKINS-44769
  • Prevent possible NullPointerException when listing remote directories using the FilePath#list() and FilePath#listDirectories() APIs. JENKINS-44942

2.60.1

June 21, 2017
2.60.1 is the first Jenkins LTS release that requires Java 8 to run. If you're using the Maven Project type, please note that it needs to use a JDK capable of running Jenkins, i.e. JDK 8 or up. If you configure an older JDK in a Maven Project, Jenkins will attempt to find a newer JDK and use that automatically. If your SSH Build Agents fail to start and you have the plugin install the JRE to run them, make sure to update SSH Build Agents Plugin to at least version 1.17 (1.20 recommended).
Bug fix
  • Fix for NullPointerException while initiating some SSH connections. (regression in 2.59) JENKINS-44120

2.46.3

May 25, 2017
Bug fix
  • If an exception is thrown while rendering an HTTP response, just log the stack trace on the server side, without trying to send an error page to the client. JENKINS-21695
  • Setup wizard gets into bad state when failures like network issues happen. JENKINS-41778
  • Catch and log RuntimeException in Computer#setNode() when updating the Computer list. JENKINS-42043
  • Fix AccessDeniedException in "Build after other projects are built" when user has Discover permission but not Read. JENKINS-42707
  • Prevent NullPointerException when a non-existent default view is specified in Configure System. JENKINS-42717
  • Properly handle saving system configuration when disabling all, or all but one, administrative monitors. JENKINS-42852
  • Remove links in stack traces to the stacktrace.jenkins-ci.org service that has been shut down. JENKINS-42861
  • Ensure that Cloud.PROVISION is properly initialized during the configuration loading. JENKINS-43279
  • Prevent rare NullPointerException if an admin user is created in the setup wizard after first disabling CSRF protection. JENKINS-44010
Enhancement
  • Migrate legacy users only once per restart to improve performance of the user retrieval logic. JENKINS-43936

2.46.2

April 26, 2017
Security
Major enhancement
Enhancement
Bug fix
  • Computer#addAction would throw an UnsupportedOperationException since Jenkins 2.30. Such a call site was released in SSH Build Agents Plugin 1.15 for SECURITY-161. JENKINS-42969security advisory including SECURITY-161
  • Search results page did not correctly encode query parameters. JENKINS-42390
  • When validating a cron expression, consider the specified time zone. JENKINS-43228
  • Do not display a warning when an SCM trigger has no schedules (either to disable SCM post-commit hooks, or to enable them without polling). JENKINS-42194
  • Fix performance issue in deduplication of lists of tool installers. JENKINS-42141

2.46.1

March 29, 2017
Bug fix
  • Prevent file descriptor leaks when Windows Service installer fails to read data from the service startup log. JENKINS-42670
  • Update Remoting from 3.5 to 3.7 in order to prevent file descriptor leaks on agents in the case of multiple connection attempts. full changelog
  • Exceptions during Jenkins cleanup step should not block restart. JENKINS-42164
  • Cryptic error message when loading JnlpSlaveAgentProtocol4. JENKINS-41987
  • Developer: Snapshot builds of plugins that had dependencies on other snapshot builds were not having their version numbers compared correctly. JENKINS-41899
  • Do not attempt to find the next occurrence of an impossible date such as June 31st in validation of trigger schedules. JENKINS-41864
  • Remoting 3.5: Stability improvements. JENKINS-41513JENKINS-41852
  • Remove invalid translations in Slovene. JENKINS-41756
  • Use of the remote API to create items in views (/view/…/createItem) didn't actually add items to views since Jenkins 2.22. JENKINS-41128
  • Remoting 3.5: Remoting clients now accept lowercase (HTTP 2) headers sent by reverse proxies. JENKINS-40710
  • Windows service restart did not retain build queue. JENKINS-32820
Enhancement
  • Remoting 3.5: Add option to specify the Remoting protocol to use on the client. JENKINS-41730

2.32.3

March 1, 2017
Bug fix
  • Display an informative message, rather than a Groovy exception, when View#getItems fails. JENKINS-41825
  • Don't try to set Agent Port when it is enforced, breaking form submission. JENKINS-41511
  • Don't add all group names as HTTP headers on "access denied" pages, possibly breaking reverse proxies due to very large headers. JENKINS-39402
  • Fix handling of the POST flag in ManagementLinks within the Manage Jenkins page. JENKINS-38175
  • IllegalStateException from Winstone when making certain requests with access logging enabled. JENKINS-37625
  • Do not fail to write a log file just because something deleted the parent directory. JENKINS-16634

2.32.2

February 1, 2017
Security
Major enhancement
Bug fix
  • Correctly state that Jenkins will refuse to load plugins whose dependencies are not satisfied in plugin manager. JENKINS-40666
  • The install-plugin CLI command now correctly installs plugins when multiple file arguments are specified. JENKINS-32358
  • Prevent the ClassNotFoundException: javax.servlet.ServletException error when invoking shell tasks on remote agents. JENKINS-40863
  • Properties were not passed to Maven command by Maven build step when the Inject Build Variables flag was not set. JENKINS-39268
  • Job configuration submission now does not fail when there is no parameters property. JENKINS-39700
  • Update Remoting to 3.4 in order to properly terminate the channel in the case Errors and Exceptions. JENKINS-39835
  • Check for Updates button in the Plugin Manager was hidden in the Updates tab when there was no plugins updates available. JENKINS-39971
  • SSHD Module: Handshake was failing (wrong shared secret) 1 out of 256 times due to SSHD-330. JENKINS-40362
  • Performance: Use bulk change when submitting Job configurations to minimize the number of sequential config.xml write operations. JENKINS-40435
  • Jobs were hanging during process termination on the Solaris 11 Intel platform, regression in 2.20. JENKINS-40470
  • Restore option value for setting build result to unstable when loading shell and batch build steps from disk. JENKINS-40894
Enhancement
  • Update to Winstone 3.2 to support ad-hoc certificate generation on Java 8 (using unsupported APIs). This option is deprecated and will be removed in a future release. We strongly recommend you create self-signed certificates yourself and use --httpsKeyStore and related options instead. JENKINS-25333

2.32.1

December 24, 2016
Major bug fix
  • Prevent early deallocation of process references by Garbage Collector when starting a remote process. It was sometimes causing build failures with messages like FATAL: Invalid object ID 184 iuota=187 and java.lang.Exception: Object was recently deallocated. JENKINS-23271
Bug fix
  • Redirect to login page in the case of authorisation error when checking connectivity to the Update Center. JENKINS-39741
  • WinP 1.24: Native class now tries loading DLLs from the temporary location. JENKINS-20913
  • WinP 1.24: WinP sometimes kills wrong processes when using killRecursive(). It was likely impacting process termination on Windows agents and sometimes leading to BSoD. JENKINS-24453
This is the changelog archive. The changelog for recent releases can be found in the main LTS changelog page.