Daniel Beck
unread,Sep 27, 2017, 12:24:03 PM9/27/17Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Jenkins Advisories
We have identified a critical regression in Jenkins 2.80 that results in the setup wizard being disabled for newly set up Jenkins instances. We are tracking this issue as JENKINS-47139.
This means that any security options enabled during the setup wizard initialization, most notably authorization and authentication, remain disabled. The Jenkins instance will be accessible to anonymous users without authentication, and they will have full (Administer) permissions, until an administrator restricts access.
We are currently preparing Jenkins 2.81 and strongly recommend new installations of Jenkins do not use 2.80.
Instances being updated from previous versions of Jenkins are not affected. This issue is limited to newly set up instances.