Changelog

Security

Enhancement

Security hardening to prevent problems like SECURITY-624 in the future. 2017-12-05 security advisory, Ant Plugin fix in 2018-01-22 security advisory
Reduce memory usage when scheduling pipelines on big clusters. JENKINS-48348
Improve UI performance with long list of running builds by caching the estimated duration. JENKINS-48350

Bug fix

Update Stapler from 1.253 to 1.254 to make the form that shows up when a URL requiring POST is accessed using a different HTTP verb work with CSRF protection enabled. JENKINS-34254 , Stapler changelog
Do not downgrade detached plugins when upgrading Jenkins while its previous version was not properly recorded. JENKINS-48899
The setup wizard is now resumed upon restart if it hasn't been completed yet, instead of showing the regular login screen. (regression in 2.81) JENKINS-47439

Changelog for 2.89.4