LTS Changelog

Legend: major enhancement enhancement major bug fix bug fix xxxxx

Help other Jenkins users by letting the community know which releases you've used, and whether they had any significant issues.
Legend:
= I use it on my production site without major issues.
= I don't recommend it.
= I tried it but rolled back to a previous version.
View ratings below, and click one of the icons next to your version to provide your input.

What's new in 1.509.1 (2013/05/01)

• FilePath.installIfNecessaryFrom routes download over remoting channel (issue 17330)
• Add 'Are you sure' on Reload configuration from disk (issue 15340)
• MavenAbstractArtifactRecord.doRedeploy should require POST (SECURITY-69)
• Hover-over "Build Now" broken for parameterized jobs: "This page expects a form submission" (issue 17110)
• XSS issue, where an internal attacker can cause a remote stylesheet to be loaded and containing scripts executed. (SECURITY-67)
• CVE-2013-1808 stapler-adjunct-zeroclipboard: XSS via copying XSS payload into buffer (SECURITY-71)
• Jenkins.doEval checks ADMINISTER rather than RUN_SCRIPTS; doScript CSRF (SECURITY-63)
• Jenkins is no more WinXP compliant : CreateSymbolicLinkW is not available (issue 17343)

What's new in 1.480.3 (2013/02/15)

• "Remember me on this computer" does not work, cookie is not accepted in new session (issue 16278)
• Slow/hung web UI in 1.483+ (stuck in parseURI) (issue 16474)
• Failure to delete old config files during rekeying on Windows (issue 16319)
• NoClassDefFoundError on Base64 when launching an headless slave with -jnlpCredential option (issue 9679)
• Loading asynchPeople calls (synch) People constructor (issue 16397)
• Jenkins briefly displays build queue and then it disappears until the page is reloaded (issue 15335)
• View.hasPeople too slow to use in sidepanel.jelly (issue 16244)
• XSS (SECURITY-46)
• File parameter causing data lost after Jenkins restart (issue 13536)

What's new in 1.480.2 (2013/01/06)

• The master key that was protecting all the sensitive data in $JENKINS_HOME was vulnerable. (SECURITY-49)

What's new in 1.480.1 (2012/11/17)

• FilePath.validateAntFileMask too slow for /configure (issue 7214)
• java.io.InvalidClassException (issue 14667)
• Log recorders do not work reliably (issue 15226)
• Invalid JSON is produced during remote api operations when a changeSet contains duplicate keys. (issue 13336)
• Header manipulation (CrLf) – open redirect vulnerability in "j_acegi_security_check" (SECURITY-44)
• Memory exhaustion parsing large test stdio from Surefire (issue 15382)
• Persistence XSS vulnerability in build's decription (SECURITY-43)
• Header manipulation (CrLf) – open redirect vulnerability in Work Space (SECURITY-45)

What's new in 1.466.2 (2012/09/13)

What's new in 1.466.1 (2012/07/23)

• A current active build in the build history is lost if the job configuration XML uploaded (issue 12318)
• UnprotectedRootAction doesn't work for /github-webhook/ (issue 14113)
• ERR_CONTENT_DECODING_FAILED returned on testResults and console output after Jenkins reload (issue 13625)
• Cannot parse coverage results Premature end of file. (issue 11251)

What's new in 1.447.2 (2012/06/11)

• Guice injector failure can cause failure of whole Jenkins (issue 13448)
• Jenkins runs out of file descriptors (winstone problem) (issue 9882)
• Parsing of POM happens before SNAPSHOT-Parents are updated (issue 8663)
• Loading All Build History Fails (issue 13238)

What's new in 1.447.1 (2012/03/28)

• File handle leak in serving static files (issue 13097)
• LDAP config error (issue 8152)
• jenkins running in Tomcat doesn't initalize slf4j properly (issue 12650)
• java.lang.NoClassDefFoundError: org.slf4j.impl.StaticLoggerBinder (issue 12446)
• Remote call on CLI channel from [ip] failed (issue 12302)
• jenkins does not start in jboss container (issue 12334)

What's new in 1.424.6 (2012/03/06)

What's new in 1.424.5 (2012/03/05)

What's new in 1.424.4 (2012/03/05)

What's new in 1.424.3 (2012/02/27)

• upgrade Apache Maven Wagon to 2.0 (issue 11164)
• ERROR at Matrix-based security (issue 9519)
• NPE: Failed to record SCM polling (issue 11592)
• JDK Auto install throws FATAL: org/apache/xml/utils/PrefixResolver (issue 11420)
• NoSuchMethodError on slf4j (issue 11960)

What's new in 1.424.2 (2012/01/10)

• Viewing large console logs with timestamper plugin cause Jenkins to crash (issue 9349)
• Maven3 parallel build fails with java.util.ConcurrentModificationException in Jenkins (issue 11256)
• Jenkins PID changes after restart (issue 11742)
• Running Jenkins with the bundeled Winstone is succeptible to the hash table attack http://www.ocert.org/advisories/ocert-2011-003.html (SECURITY-22)

What's new in 1.424.1 (2011/11/30)

• JDKInstaller fails with OutOfMemory exception (issue 10689)
• XSS in Winstone (SECURITY-17)
• Tools download does not appear to respect proxy settings (issue 5271)
• Builds fail in JUnit test archiving (since 1.416) if specifying JDK other than the container (issue 10030)
• Update Json File Signature Error (issue 11110)
• SSH public key based CLI authentication added in 1.419 is broken in 1.421+ (issue 10647)
• JSONException (issue 7034)
• Jenkins 1.427 doesn't work on AIX (issue 10810)
• Maven assembly plugin fails (issue 8837)
• SNAPSHOT dependency detection not working for plugins anymore (issue 10530)
• Proxy settings arent used by JDK-downloader (issue 10634)

What's new in 1.409.3 (2011/11/08)

• XSS in Winstone (SECURITY-17)

What's new in 1.409.2 (2011/09/12)

• Failure in test class constructor or @Before method is not reported (was: Maven plugin doesn't set build to unstable on SurefireExecutionException) (issue 6700)
• truncation or corruption of zip workspace archive from slave (issue 9189)
• testSaturation-fork remoting test hangs (issue 8703)
• Race condition in creating fingerprints for artifacts (issue 10346)
• Slave-Squatter + Heavy-Job plugin causes many executor threads to die (issue 8882)
• Auto Install JDK asks for Oracle account, but the link goes 404 (issue 10556)

What's new in 1.409.1 (2011/06/06)

• Deadlock when upstream and downstream jobs are blocked on each other (issue 8929)
• sporadic : ClassCastException for Maven Pom parsing phase on node (issue 9017)
• Jenkins 1.399: java.lang.UnsupportedClassVersionError: Bad version number in .class file using JmDNS 3.4.0 (issue 8914)
• Raw HTML codes are displayed since 1.407 (issue 9426)
• Access to api/json on second level view fails (issue 9367)
• NULLPOINTER exception on build 1.395 when saving configuration (issue 8866)
• "java.io.IOException: Bad file descriptor" when file copied from slave (issue 7871)
• Block when Downstream breaks Block when Upstream (issue 8968)
• Remember me box doesn't work with unix groups (issue 9094)