Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add upgrade guide and changelog for 2.32.3 #706

Merged
merged 2 commits into from
Mar 1, 2017
Merged

Add upgrade guide and changelog for 2.32.3 #706

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9164f6c
Add upgrade guide and changelog for 2.32.3
daniel-beck Feb 27, 2017
66d1d10
February has 28 days this year, it's not 2016 anymore
daniel-beck Feb 27, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 28 additions & 1 deletion content/_data/changelogs/lts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,34 @@
<strong>This option is deprecated and will be removed in a future release.</strong>
We strongly recommend you create self-signed certificates yourself and use <tt>--httpsKeyStore</tt> and related options instead.
issue: 25333

- version: "2.32.3"
date: 2017-03-01
changes:
- type: bug
message: >
Display an informative message, rather than a Groovy exception, when <code>View#getItems</code> fails.
issue: 41825
pull: 2739
- type: bug
message: Don't try to set Agent Port when it is enforced, breaking form submission.
issue: 41511
pull: 2726
- type: bug
message: Don't add all group names as HTTP headers on "access denied" pages, possibly breaking reverse proxies due to very large headers.
issue: 39402
pull: 2727
- type: bug
message: Fix handling of the <tt>POST</tt> flag in <code>ManagementLink</code>s within the Manage Jenkins page.
issue: 38175
pull: 2692
- type: bug
message: <code>IllegalStateException</code> from Winstone when making certain requests with access logging enabled.
issue: 37625
pull: 2721
- type: bug
message: Do not fail to write a log file just because something deleted the parent directory.
issue: 16634
pull: 2738

# DO NOT EDIT THIS FILE DIRECTLY
# ALL CHANGES MUST GO THROUGH PULL REQUESTS
Expand Down
12 changes: 12 additions & 0 deletions content/doc/upgrade-guide/2.32.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,18 @@ notitle: true

Each section covers the upgrade from the previous LTS release, the section on 2.32.1 covers the upgrade from 2.19.4.

=== Upgrading to Jenkins LTS 2.32.3

==== Removal of +X-You-Are-In-Group+ headers on "Permission denied" pages

https://issues.jenkins-ci.org/browse/JENKINS-39402[JENKINS-39402]

"Permission denied" pages will no longer include HTTP headers listing all the groups the current user is a member of, as a large number of headers could in some cases result in reverse proxies errors.

Access URLs such as +/whoAmI+ to get information about the currently logged in user and group memberships.

To restore the previous behavior, set the system property `hudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS` to `true`. This is not generally recommended.

=== Upgrading to Jenkins LTS 2.32.2

==== Console notes security fix
Expand Down