Looking to upgrade?
Check the Upgrade Guide for assistance
Security
Major enhancement
-
Add
allow-same-origin to the sandbox Content-Security-Policy directive of workspace and artifact browsers if the Resource Root URL feature is not used.
Allow requests to resources like stylesheets and images, even if a reverse proxy prohibits cross-site requests.
JENKINS-71366
Major bug fix
-
The plain text console log will still be printed even if some console annotations are corrupt.
JENKINS-61452
Bug fix
-
New login page breaks
login-theme-plugin (regression in 2.404).
JENKINS-71238
-
Fix invalid CSS which caused some buttons to become invisible on hover (regression in 2.402).
JENKINS-71238