Updating hudson

"Permission denied" pages will no longer include HTTP headers listing all the groups the current user is a member of, as a large number of headers could in some cases result in reverse proxies errors.

Console notes, the often bold or colored additions to build logs by plugins such as Timestamper or Ansi Color, that were created before you upgrade to Jenkins 2.43 or 2.32.2 will no longer be loaded for security reasons.

updating hudson-66updating hudson-6

This is a patch set release for 3.3.0 and should be of particular interest to Active Directory users blocked by Bug 474329.

Hudson 3.3.0 is now available from the Hudson downloads page.

Note that this release mandates the use of Java 7 or above to run Hudson.

Hudson 3.2.2 is now available for production use from the Hudson downloads page.

While convenient, this constitutes a cross-site request forgery vulnerability, as Jenkins administrators may be tricked into creating hundreds of (not always ephemeral) users. tabs to warn you before installing a vulnerable plugin, or updating to a vulnerable version.

As these warnings are published by your configured update sites, they are generally updated once per day.

Hudson 3.2.0 is now available for production use from the downloads page.

This milestone encapsulates the upgrade of the Spring libraries to Spring 3 and upgrades the capabilities of the Team support to full multi-tenancy with Job Group View and Slave isolation.

For more information see the changelog and the download page.

Tags: , ,